[{"body":"","link":"https://strivevirtually.net/","section":"","tags":null,"title":""},{"body":"Github Repo https://github.com/abbedsedk/vcf-fleet-automated-lab-deployment/tree/vlan I have similar VLAN Fork that take VCF Workbook as guidelines for VCF 5.x\nGithub Repo and related blog\nAutomated VMware Cloud Foundation Lab Deployment Branch Fork Vlan Update Workload Domains support\nAnother of my VLAN Fork\nGithub Repo and related blog\nUPDATE - Contributed to Script - vSphere with Tanzu using NSX-T Automated Lab Deployment - Fork branch vlan\nVLAN Fork branch Changelog 05/24/2026\nCreated vlan branch of this fork to avoid PR merge conflict Updated to support VLAN for VCF 9.1 For VVF/VCF 9.0.x VLAN deployments, please use VCF 9.0 directory VLANs with reference taken from new vcf-9.1-planning-and-preparation-workbook.xlsx Using 4 nested ESX, using even number nested host here to spread the load on even physical host (I am still using 2 physical host 24threads 128GB of RAM each) Using Minimal VM resources $noVCFAutomation = 1, $NestedESXiMGMTvCPU = \u0026quot;20\u0026quot;, $NestedESXiMGMTvMEM = \u0026quot;56\u0026quot; #GB, (80vCPU 224GBvMEM) x 80 / 100 = 64vCPU 179vMEM as shown in the UI the recommended much needed extra 20% Offline Depot Configurations (optional) keeping 9.0 config logic with https workaround $VCFInstallerDepotHttps = $false VVF 9.1 VLAN and VCF 9.1 WLD VLAN not yet present in this commit, notably $VCSASize cannot be Tiny much less further reducing Memory workaound haven't tested, similarly $VCFOperationsSize cannot be xsmall Related Blog Post coming with Kubernetes troubleshooting and workaround (typical Platform Engineering tasks from my experiences), in case it get stuck for more than an hour, to complete the deployment successfully... 05/12/2026\nUpdated to support VVF/VCF 9.1 For VVF/VCF 9.0.x deployments, please use VCF 9.0 directory 01/04/2026\nRelated Blog Post Fixed shared storage datastore Added EVC variable if needed: $VCSAclusterEvcMode = \u0026quot;\u0026quot; #One among: INTEL_MEROM, INTEL_PENRYN, INTEL_NEALEM, INTEL_WESTMERE, INTEL_SANDYBRIDGE, INTEL_IVYBRIDGE, INTEL_HASWELL, INTEL_BROADWELL, INTEL_SKYLAKE, INTEL_CASCADELAKE, INTEL_ICELAKE, INTEL_SAPPHIRERAPIDS, AMD_REV_E, AMD_REV_F, AMD_GREYHOUND_NO3DNOW, AMD_GREYHOUND, AMD_BULLDOZER, AMD_PILEDRIVER, AMD_STREAMROLLER, AMD_ZEN, AMD_ZEN2, AMD_ZEN3, AMD_ZEN4 Added comment on variable $NestedESXiMGMTvMEM: Tips: 122GB for VCF single node with Wld VMs or 114GB for 2 nodes and with VCF automation enabled \u0026quot;$noVCFAutomation = 0\u0026quot; in sample but without Wld VMs \u0026quot;$deployNestedESXiVMsForWLD = 0\u0026quot; in deployment script 27/03/2026\nRelated Blog Post VLANs with reference taken from vcf-9.0-planning-and-preparation-workbook.xlsx Gateways Network subnets Added separate datastore for Management Domain and Workload Domain, also using local vmfs Added variable $VCFWorkloadDomainNSXManagerSize = \u0026quot;small\u0026quot; Added creation of network pool for VSAN and VMOTION on Workload Domain based on network subnets Added variables $VCFInstallerVMvCPU and $VCFInstallerVMvMEM of VCF Installer VM, reducing by half from 4vCPU+16GBvMEM to 2vCPU+8GBvMEM Added variables $vGuestOS and $vHardwareVersion of vESXi VMs, increasing it from vmkernel8Guest+vmx-20 to vmkernel9Guest+vmx-22 default vmx-20, vmx-21 nvme 1.3c, vmx-22 nvme 1.4 ref. Added variable $noVCFAutomation to skip it in the deployment by setting it to 1 (default reducing by 24vCPU+96vMEM less the lab footprint) Added missing variables under \u0026quot;VCF Installer Setup\u0026quot; to allow 1 host VSAN cluster and, help in VSAN ESA deployment usecase, the code was already present Added check if vApp exist to run the script multiple times on the same vApp just by commenting the value of $random_string and replace its value with the deployment id generated in previous run Added ability to run multiple vApp while using the same VMs name by fixing $moveVMsIntovApp with trick previously shared by fellow vExpert LucD Changed default $VCSASize = \u0026quot;tiny\u0026quot; # default is small, tiny is good enough for LAB/POC seeing the number of VMs. ref. configmax Changed default $VCFOperationsSize = \u0026quot;xsmall\u0026quot; # default is small, xsmall is for under 700 objects, that's good enough for POC/LAB. ref. vcf-operations-90-sizing-guidelines 09/02/2025\nUpdated documentation for VVF deployment 09/01/2025\nInitial Release 0. Offline Depot VCF 9.0 Homelab Offline Depot with generated download token for certified VCP-VCF VMUG Advantage members\nRefer to this blog post to download the metadata with VCF Download Tool (VCFDT) but i also recommend downloading the binaries with this tool,\nbecause downloading with the browser on Broadcom Support Portal i found some bits are missing like in component VSP for example.\nOr if you'd like to anyway download from the website like i did, you can after that download the missing bits with the tool by components separately.\n1.\\vcf-download-tool.bat binaries download --vcf-version=9.1.0.0 --sku=VCF --component=VSP --type=INSTALL --depot-store=../../depot-9.1.0.0 --depot-download-token-file=token.txt The missing files have been finally uploaded in BSP after a while but using VCFDT is more automated and always up to date.\nAfter that install python then follow this blog post to download the python file to quickly and temporarly host a webserver via CLI.\nAlthough VCF 9.1 support offline depot with http unauthenticated see this\nI have re-implement the workaround way in the code with variable $VCFInstallerDepotHttps = $false like in the 9.0 version.\nThen just open prompt and type:\n1python http_server_auth.py --bind 192.168.1.250 --user vcf --password vcf123! --port 8888 --directory E:\\Offline-Depot-9.1.0.0 1. Deploy VMware Cloud Foundation 9.1 Management Domain on 4 Nested Hosts on top of 2 physical host vsphere with Linux NFS running on VMware VCF Installer UI walkthrough Intro Intro/1.About Depoyment wizard.png\nIntro/1.About Depoyment wizard.png\nIntro/2.Depoyment Paths - new fleet.png\nIntro/2.Depoyment Paths - new fleet.png\nPlan Plan/01.Existing Component - postpone VCF Automation deployment by ticking the last option.png\nPlan/01.Existing Component - postpone VCF Automation deployment by ticking the last option.png\nPlan/02.Size Options - deployment simple model no HA.png\nPlan/02.Size Options - deployment simple model no HA.png\nPlan/03.Network options.png\nPlan/03.Network options.png\nPlan/04.Network options - distributed connectivity - vna is not deployed although a single svi vlan on vyos is tempting - vcf workbook recommend centralized at bringup.png\nPlan/04.Network options - distributed connectivity - vna is not deployed although a single svi vlan on vyos is tempting - vcf workbook recommend centralized at bringup.png\nPlan/05.Network options - centralized connectivity - edge cluster.png\nPlan/05.Network options - centralized connectivity - edge cluster.png\nPlan/06.Storage vsan esa.png\nPlan/06.Storage vsan esa.png\nPlan/07.Storage vsan osa - can set ftt to 0.png\nPlan/07.Storage vsan osa - can set ftt to 0.png\nPlan/08.Review-Prerequisites.png\nPlan/08.Review-Prerequisites.png\nPlan/09.Review-Prerequisites-Resources-extra-20pct-recommended.png\nPlan/09.Review-Prerequisites-Resources-extra-20pct-recommended.png\nPlan/10.Review Prerequisites - VLAN.png\nPlan/10.Review Prerequisites - VLAN.png\nPlan/11.Review Prerequisites - FQDN and IP.png\nPlan/11.Review Prerequisites - FQDN and IP.png\nPlan/12.Review Prerequisites - FQDN and IP - Prefill.png\nPlan/12.Review Prerequisites - FQDN and IP - Prefill.png\nPlan/13.Review Prerequisites - FQDN and IP - Prefill 1.png\nPlan/13.Review Prerequisites - FQDN and IP - Prefill 1.png\nPlan/14.Review Prerequisites - FQDN and IP - Prefill 2 validate all and save.png\nPlan/14.Review Prerequisites - FQDN and IP - Prefill 2 validate all and save.png\nPrepare Prepare/1. General information.png\nPrepare/1. General information.png\nPrepare/2. Hosts - enter esx hostname pw and confirm all fingerprints.png\nPrepare/2. Hosts - enter esx hostname pw and confirm all fingerprints.png\nPrepare/2. Hosts - warning 3x8vcpu light but meet the requirements - confirm.png\nPrepare/2. Hosts - warning 3x8vcpu light but meet the requirements - confirm.png\nPrepare/2. Hosts - warning 3x8vcpu light but meet the requirements.png\nPrepare/2. Hosts - warning 3x8vcpu light but meet the requirements.png\nPrepare/3. Networks.png\nPrepare/3. Networks.png\nPrepare/4. VCF Management FQDN.png\nPrepare/4. VCF Management FQDN.png\nPrepare/5. vCenter.png\nPrepare/5. vCenter.png\nPrepare/6. Storage.png\nPrepare/6. Storage.png\nPrepare/7. DVS - default profile.png\nPrepare/7. DVS - default profile.png\nPrepare/7. DVS - NSX Traffic Separation profile - selected - note all uplinks are active by default can be changed here.png\nPrepare/7. DVS - NSX Traffic Separation profile - selected - note all uplinks are active by default can be changed here.png\nPrepare/7. DVS - NSX Traffic Separation profile.png\nPrepare/7. DVS - NSX Traffic Separation profile.png\nPrepare/7. DVS - Storage Traffic Separation profile.png\nPrepare/7. DVS - Storage Traffic Separation profile.png\nPrepare/7. DVS.png\nPrepare/7. DVS.png\nPrepare/8. NSX FQDNs.png\nPrepare/8. NSX FQDNs.png\nPrepare/9. SDDC Manager FQDN.png\nPrepare/9. SDDC Manager FQDN.png\nAt this point the next button bring us to deploy stage of VCF Installer not shown here where we can:\nsave credentials validate save the json after that we can now also call it a day and deploy it on an another day. Deploy Although VCF Installer UI walkthrough was informative, we will use vcf-fleet-automated-lab-deployment script to generate the json based on our sample config and automatically start the the deployment. Deploy/1.sum-mgmt.png\nDeploy/1.sum-mgmt.png\nDeploy/2.exec-mgmt.png\nDeploy/2.exec-mgmt.png\nVCF VLAN Sample Execution VCF 9.1 planning and preparation workbook download is at this link In the example below, I am using like in the reference workbook with the following DNS entries:\nVLAN 1110 (10.11.10.0/24) for all my management VMs (using the same last octet as upstream sample when possible) VLAN 1111 (10.11.11.0/24) for management domain ESX VLAN 1311 (10.13.11.0/24) for Vi workload domain ESX (Although the powershell script for Wld Vlan isn't present yet, the sample file reference both mgmt and wld) Note few changes in FQDN from upstream: vcf-msr01 -\u0026gt; vcf-vsp01 : my own choice because is short for VMSP which is what it was called in VCF 9.0 vcf-flt01 -\u0026gt; opsfm01 : previously used in VCF 9.0 version of the script vcf-int01 -\u0026gt; vcf-ic01 : to reflect workbook naming vcf-log01 \u0026gt; vcf-logs01 vcf-idb01 -\u0026gt; vidb01 : to reflect workbook naming vcf-proxy01 -\u0026gt; opsproxy01 : previously used in VCF 9.0 version of the script vcf-asr01 -\u0026gt; not using it, vcf-vsp01 is used instead in both workbook and API FQDN IP Address Function esx01.abidi.systems 10.11.11.1 ESX Host 1 for Mgmt esx02.abidi.systems 10.11.11.2 ESX Host 2 for Mgmt esx03.abidi.systems 10.11.11.3 ESX Host 3 for Mgmt esx04.abidi.systems 10.11.11.4 ESX Host 4 for Mgmt esx05.abidi.systems 10.13.11.5 ESX Host 1 for WLD esx06.abidi.systems 10.13.11.6 ESX Host 2 for WLD esx07.abidi.systems 10.13.11.7 ESX Host 3 for WLD inst01.abidi.systems 10.11.10.10 VCF Installer sddcm01.abidi.systems 10.11.10.11 SDDC Manager vcf01.abidi.systems 10.11.10.12 VCF Operations vc01.abidi.systems 10.11.10.13 vCenter Server for Mgmt nsx01.abidi.systems 10.11.10.14 NSX Manager VIP for Mgmt nsx01a.abidi.systems 10.11.10.15 NSX Manager Node 1 for Mgmt opsproxy01.abidi.systems 10.11.10.20 VCF Operations Collector opsfm01.abidi.systems 10.11.10.21 VCF Management Services Fleet FQDN auto01.abidi.systems 10.11.10.22 VCF Automation vcf-logs01.abidi.systems 10.11.10.26 Log Management vcf-ic01.abidi.systems 10.11.10.27 VCF Management Services Instance FQDN vidb01.abidi.systems 10.11.10.18 Identity Broker vcf-vsp01.abidi.systems 10.11.10.29 VCF Management Services Runtime vcf-lic01.abidi.systems 10.11.10.30 License Server The Gateways:\n$VMGateway = \u0026quot;10.11.10.53\u0026quot;\n$VMNestedESXiMgmtGateway = \u0026quot;10.11.11.53\u0026quot;\n$VMNestedESXiWldGateway = \u0026quot;10.13.11.53\u0026quot;\nVCFA pool:\n$VCFAutomationIPPool = @(\u0026quot;10.11.10.23\u0026quot;,\u0026quot;10.11.10.24\u0026quot;)\nVMSP pool:\n$VCFManagementServicesIPStartRange = \u0026quot;10.11.10.31\u0026quot;\n$VCFManagementServicesIPEndRange = \u0026quot;10.11.10.45\u0026quot;\n2. Deployment stuck for more than an hour in last stage stuck at an install - deleted lcm build pod to fix vcf-fleet-lcm\nConnect VMSP via SSH on its configured DNS IP with username vmware-system-user Elevate to root with then paste the root password sudo su List the Kubernetes discovered master IP ls /root/.kube/cache/discovery/ Connect Kubernetes master via SSH with username vmware-system-user Elevate to root with then paste the root password sudo su Export Kubernetes credential variable called kubeconfig export KUBECONFIG=/etc/kubernetes/admin.conf 1ssh vcf-vsp01 or .29 2 3sudo su 4 5VMware1!VMware1! 6 7root [ /home/vmware-system-user ]# ls /root/.kube/cache/discovery/ 810.11.10.32_6443 9 10ssh .32 11 12sudo su 13 14VMware1!VMware1! 15 16export KUBECONFIG=/etc/kubernetes/admin.conf We are set to interact with Kubernetes via the CLI called kubectl\nList the pods in vcf-fleet-lcm Kubernetes namespace kubectl get pods -n vcf-fleet-lcm -o wide Delete the pod with name starting with vcf-fleet-build-service-fleetbuild- kubectl delete pod vcf-fleet-build-service-fleetbuild-7b8464ffb8-jwmhd -n vcf-fleet-lcm Verify a new pod is running and ready kubectl get pods -n vcf-fleet-lcm -o wide Optionally you can follow the logs to see occurrence of next install-components app kubectl logs -f vcf-fleet-build-service-fleetbuild-7b8464ffb8-fdls9 -n vcf-fleet-lcm Notice the new pod that have been scheduled has its name ending differently.\nHopefully what you just learn can help you jumpstart your Kubernetes practice.\nBe patient for these install-components could take up to 20 to 30min per apps in my environment.\n1^Croot [ /home/vmware-system-user ]# kubectl delete pod vcf-fleet-build-service-fleetbuild-7b8464ffb8-jwmhd -n vcf-fleet-lcm 2pod \u0026#34;vcf-fleet-build-service-fleetbuild-7b8464ffb8-jwmhd\u0026#34; deleted from vcf-fleet-lcm namespace 3root [ /home/vmware-system-user ]# kubectl get pods -n vcf-fleet-lcm -o wide 4NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES 5vcf-fleet-build-service-fleetbuild-7b8464ffb8-fdls9 1/1 Running 0 44s 198.18.2.231 vcf-vsp01-rffdp \u0026lt;none\u0026gt; \u0026lt;none\u0026gt; 6vcf-fleet-lcm-db-0 3/3 Running 0 175m 198.18.2.161 vcf-vsp01-rffdp \u0026lt;none\u0026gt; \u0026lt;none\u0026gt; 7vcf-fleet-lcm-db-1 3/3 Running 3 (15m ago) 174m 198.18.1.34 vcf-vsp01-xgmcn \u0026lt;none\u0026gt; \u0026lt;none\u0026gt; 8vcf-fleet-lcm-db-2 3/3 Running 0 173m 198.18.3.87 vcf-vsp01-tkdnq \u0026lt;none\u0026gt; \u0026lt;none\u0026gt; 9vcf-fleet-upgrade-service-fleetupgrade-6bd8654798-tsqph 1/1 Running 1 (15m ago) 174m 198.18.1.25 vcf-vsp01-xgmcn \u0026lt;none\u0026gt; \u0026lt;none\u0026gt; 10root [ /home/vmware-system-user ]# kubectl logs -f vcf-fleet-build-service-fleetbuild-7b8464ffb8-fdls9 -n vcf-fleet-lcm If you're looking for an automated way of determining task progress stuck for long time, and restaring fleet lcm pods instead of the hands-on steps above, I found out (after the facts) a KB arcticle that by just executing a provided shell script will resolve the issue as well.\nFleet Manager LCM or SDDC Manager LCM Tasks appear to be stuck or hung.\n3. Completed review Completed/1.completed - review vcenter deploy begin.png\nCompleted/1.completed - review vcenter deploy begin.png\nCompleted/2.completed - review sddc manager deploy begin.png\nCompleted/2.completed - review sddc manager deploy begin.png\nCompleted/3.completed - review configure vsphere cluster begin.png\nCompleted/3.completed - review configure vsphere cluster begin.png\nCompleted/4.completed - review nsx deploy and configure begin.png\nCompleted/4.completed - review nsx deploy and configure begin.png\nCompleted/5.completed - review Deploy and configure VCF Management Platform begin.png\nCompleted/5.completed - review Deploy and configure VCF Management Platform begin.png\nCompleted/6.completed - review Deploy and configure the operations appliance begin.png\nCompleted/6.completed - review Deploy and configure the operations appliance begin.png\nCompleted/7.completed - review Deploy and configure VCF Management Services begin - fixed.png\nCompleted/7.completed - review Deploy and configure VCF Management Services begin - fixed.png\nVCF 9.1 Deployment phase Begin vCenter deploy 11h39 SDDC Manager deploy 12h16 Configure vSphere Cluster 1h01 NSX Deploy and Configure 1h08 Deploy and configure VCF Management Platform 1h40 Deploy and configure the operations appliance 4h22 Deploy and configure VCF Management Services begin 5h30 4. Resources usage Resources/1.nestesd esx hosts above 80 pct memory consumed.png\nResources/1.nestesd esx hosts above 80 pct memory consumed.png\nResources/2.nestesd esx01 host above 80 pct memory consumed.png\nResources/2.nestesd esx01 host above 80 pct memory consumed.png\nResources/3.nested cluster vcf 9.1 .png\nResources/3.nested cluster vcf 9.1 .png\nResources/4.physical 2 hosts cluster.png\nResources/4.physical 2 hosts cluster.png\nResources/5.physical esx01 host.png\nResources/5.physical esx01 host.png\nResources/6.ops-inventory.png\nResources/6.ops-inventory.png\nStay tunned, i'll add brownfield convert vSphere to VCF in the script!\n","link":"https://strivevirtually.net/post/automated-vmware-cloud-foundation-lab-vcf-9.1-fleet-deployment-vlan-fork-branch/","section":"post","tags":["Lab","Automation","VCF 9.1","VCF Planning and Preparation workbook","VCF Installer","SDDC Manager","VCF Operations","VCF Management Services Platform","VCF Management Services Runtime","VCENTER","EVC","ESXI","NESTED ESXI","VSAN","NSX","VCF Fleet lcm","Offline Depot","VMUG","VLAN","Vyos","DNS","NTP","NFS"],"title":"**Automated VMware Cloud Foundation Lab (VCF) 9.1 Fleet Deployment VLAN Fork branch**"},{"body":"","link":"https://strivevirtually.net/tags/automation/","section":"tags","tags":null,"title":"Automation"},{"body":"","link":"https://strivevirtually.net/categories/","section":"categories","tags":null,"title":"Categories"},{"body":"","link":"https://strivevirtually.net/tags/dns/","section":"tags","tags":null,"title":"DNS"},{"body":"","link":"https://strivevirtually.net/tags/esxi/","section":"tags","tags":null,"title":"ESXI"},{"body":"","link":"https://strivevirtually.net/tags/evc/","section":"tags","tags":null,"title":"EVC"},{"body":"","link":"https://strivevirtually.net/tags/index/","section":"tags","tags":null,"title":"Index"},{"body":"","link":"https://strivevirtually.net/tags/lab/","section":"tags","tags":null,"title":"Lab"},{"body":"","link":"https://strivevirtually.net/tags/nested-esxi/","section":"tags","tags":null,"title":"NESTED ESXI"},{"body":"","link":"https://strivevirtually.net/tags/nfs/","section":"tags","tags":null,"title":"NFS"},{"body":"","link":"https://strivevirtually.net/tags/nsx/","section":"tags","tags":null,"title":"NSX"},{"body":"","link":"https://strivevirtually.net/tags/ntp/","section":"tags","tags":null,"title":"NTP"},{"body":"","link":"https://strivevirtually.net/tags/offline-depot/","section":"tags","tags":null,"title":"Offline Depot"},{"body":"","link":"https://strivevirtually.net/post/","section":"post","tags":["index"],"title":"Posts"},{"body":"","link":"https://strivevirtually.net/categories/script-on-github/","section":"categories","tags":null,"title":"SCRIPT on GITHUB"},{"body":"","link":"https://strivevirtually.net/tags/sddc-manager/","section":"tags","tags":null,"title":"SDDC MANAGER"},{"body":"","link":"https://strivevirtually.net/tags/","section":"tags","tags":null,"title":"Tags"},{"body":"","link":"https://strivevirtually.net/categories/technology/","section":"categories","tags":null,"title":"Technology"},{"body":"","link":"https://strivevirtually.net/categories/troubleshooting/","section":"categories","tags":null,"title":"Troubleshooting"},{"body":"","link":"https://strivevirtually.net/categories/tutorials/","section":"categories","tags":null,"title":"TUTORIALS"},{"body":"","link":"https://strivevirtually.net/tags/vcenter/","section":"tags","tags":null,"title":"VCENTER"},{"body":"","link":"https://strivevirtually.net/tags/vcf-9.1/","section":"tags","tags":null,"title":"VCF 9.1"},{"body":"","link":"https://strivevirtually.net/tags/vcf-fleet-lcm/","section":"tags","tags":null,"title":"VCF Fleet Lcm"},{"body":"","link":"https://strivevirtually.net/tags/vcf-installer/","section":"tags","tags":null,"title":"VCF Installer"},{"body":"","link":"https://strivevirtually.net/tags/vcf-management-services-platform/","section":"tags","tags":null,"title":"VCF Management Services Platform"},{"body":"","link":"https://strivevirtually.net/tags/vcf-management-services-runtime/","section":"tags","tags":null,"title":"VCF Management Services Runtime"},{"body":"","link":"https://strivevirtually.net/tags/vcf-operations/","section":"tags","tags":null,"title":"VCF Operations"},{"body":"","link":"https://strivevirtually.net/tags/vcf-planning-and-preparation-workbook/","section":"tags","tags":null,"title":"VCF PLANNING and PREPARATION WORKBOOK"},{"body":"","link":"https://strivevirtually.net/tags/vlan/","section":"tags","tags":null,"title":"VLAN"},{"body":"","link":"https://strivevirtually.net/tags/vmug/","section":"tags","tags":null,"title":"VMUG"},{"body":"","link":"https://strivevirtually.net/tags/vsan/","section":"tags","tags":null,"title":"VSAN"},{"body":"","link":"https://strivevirtually.net/tags/vyos/","section":"tags","tags":null,"title":"VYOS"},{"body":"Save Terabytes of free space Migrate base and nested VCF vms from Windows NFS thick to Rocky Linux NFS thin at 10Gbps speed Migrating Shutdown VMs/01.10Gb physical NIC with 8 10G vnic bonded on Rocky Linux 9 VM with NFS on VMware Workstation on Windows.png\nMigrating Shutdown VMs/01.10Gb physical NIC with 8 10G vnic bonded on Rocky Linux 9 VM with NFS on VMware Workstation on Windows.png\nMigrating Shutdown VMs/02.10Gb real throughput SDDC Manager vm 900GB Storage vMotion from Windows NFS thick to Rocky Linux NFS thin.png\nMigrating Shutdown VMs/02.10Gb real throughput SDDC Manager vm 900GB Storage vMotion from Windows NFS thick to Rocky Linux NFS thin.png\nMigrating Shutdown VMs/03.10Gb real throughput SDDC Manager vm 900GB Storage vMotion completed.png\nMigrating Shutdown VMs/03.10Gb real throughput SDDC Manager vm 900GB Storage vMotion completed.png\nMigrating Shutdown VMs/04.VCF Ops 274GB thick on windows NFS.png\nMigrating Shutdown VMs/04.VCF Ops 274GB thick on windows NFS.png\nMigrating Shutdown VMs/05.VCF Ops migrate storage only.png\nMigrating Shutdown VMs/05.VCF Ops migrate storage only.png\nMigrating Shutdown VMs/06.VCF Ops migrate change datastore to Rocky Linux NFS - notice thin provisioning.png\nMigrating Shutdown VMs/06.VCF Ops migrate change datastore to Rocky Linux NFS - notice thin provisioning.png\nMigrating Shutdown VMs/07.VCF Ops 13GB thin Rocky Linux NFS 10Gb throughput Storage vMotion.png\nMigrating Shutdown VMs/07.VCF Ops 13GB thin Rocky Linux NFS 10Gb throughput Storage vMotion.png\nLive storage vMotion of vCenter fail - troubleshoot - solution Below the play by play captions of the following images:\n1Currently connected network interface Network adapter 1 uses network DVPG_FOR_VM_MANAGEMENT (sddc1-cl01-vds01) which is not accessible. Let's see the dvportgroup DVPG_FOR_VM_MANAGEMENT at ESXi level, we learn that the vdswitch sddc1-cl01-vds01 is actually an NSX Switch. We also see the NSX vm shutdown (for the sake of saving RAM for Nested Lab). Let's look at the VDS at Networking pane level. We see the VDS status is down. Let's power on NSX. We see the VDS is no more down. Let's retry the live storage vMotion from the Windows NFS Datastore in thick provisioning to the Rocky Linux NFS Datastore in thin provisioning.\nMigration Live vCenter again Storage vMotion only/01.vcf vcenter live migrate storage only - fail.png\nMigration Live vCenter again Storage vMotion only/01.vcf vcenter live migrate storage only - fail.png\nMigration Live vCenter again Storage vMotion only/02.ESX01 DVPG VM MANAGEMENT on NSX Switch.png\nMigration Live vCenter again Storage vMotion only/02.ESX01 DVPG VM MANAGEMENT on NSX Switch.png\nMigration Live vCenter again Storage vMotion only/03.NSX Switch VDS status is down.png\nMigration Live vCenter again Storage vMotion only/03.NSX Switch VDS status is down.png\nMigration Live vCenter again Storage vMotion only/04.power on nsx.png\nMigration Live vCenter again Storage vMotion only/04.power on nsx.png\nMigration Live vCenter again Storage vMotion only/05.with nsx powered on - vds status no more down.png\nMigration Live vCenter again Storage vMotion only/05.with nsx powered on - vds status no more down.png\nMigration Live vCenter again Storage vMotion only/06.retry migrate storage only.png\nMigration Live vCenter again Storage vMotion only/06.retry migrate storage only.png\nMigration Live vCenter again Storage vMotion only/07.retry migrate storage only - datastore thin rocky nfs.png\nMigration Live vCenter again Storage vMotion only/07.retry migrate storage only - datastore thin rocky nfs.png\nMigration Live vCenter again Storage vMotion only/08.retry migrate storage summary.png\nMigration Live vCenter again Storage vMotion only/08.retry migrate storage summary.png\nMigration Live vCenter again Storage vMotion only/09.retry live migrate storage only 10g throughput.png\nMigration Live vCenter again Storage vMotion only/09.retry live migrate storage only 10g throughput.png\nMigration Live vCenter again Storage vMotion only/10.retry live migrate storage only 10g throughput completed.png\nMigration Live vCenter again Storage vMotion only/10.retry live migrate storage only 10g throughput completed.png\nRecap storage used per VM per Datastore and related Labs VCF 9 Management Domain (without VCF Automation) 1 Node Nested\n+ VCF 9 VI Workload Domain (ESXi VCENTER NSX) 2 Nodes Nested deployed as thin is ~470GB (local-datastore VMFS)\nGithub Fork vcf-fleet-automated-lab-deployment Blog post with VCF VI Workload Domain and local datastore Recap storage used per VM per Datastore/local-datastore/1.nested lab vapp vcf mgmt and wld domain on local datastore.png\nRecap storage used per VM per Datastore/local-datastore/1.nested lab vapp vcf mgmt and wld domain on local datastore.png\nRecap storage used per VM per Datastore/local-datastore/2.nested lab vapp vms vcf mgmt and wld domain on local datastore.png\nRecap storage used per VM per Datastore/local-datastore/2.nested lab vapp vms vcf mgmt and wld domain on local datastore.png\nRecap storage used per VM per Datastore/local-datastore/3.esx01 physical local datastore lab nested esx02 vm wld domain.png\nRecap storage used per VM per Datastore/local-datastore/3.esx01 physical local datastore lab nested esx02 vm wld domain.png\nRecap storage used per VM per Datastore/local-datastore/4.esx02 physical local datastore nested esx01 mgmt and vcf installer vms.png\nRecap storage used per VM per Datastore/local-datastore/4.esx02 physical local datastore nested esx01 mgmt and vcf installer vms.png\nRecap storage used per VM per Datastore/local-datastore/5.esx02 physical local datastore nested esx01 mgmt and vcf installer vms pie.png\nRecap storage used per VM per Datastore/local-datastore/5.esx02 physical local datastore nested esx01 mgmt and vcf installer vms pie.png\nVCF 9 Management Domain (ESXi, VCENTER, NSX, OPERATIONS, FLEET, COLLECTOR, with VCF Automation) 2 Nodes Nested deployed as thin is ~565GB (NFS thin)\nGithub Fork vcf-fleet-automated-lab-deployment (fixed shared datastore) Blog post with VCF Automation Recap storage used per VM per Datastore/Nested VCFA/1.linux rocky nfs01 vmdk 8tb 530gb used.png\nRecap storage used per VM per Datastore/Nested VCFA/1.linux rocky nfs01 vmdk 8tb 530gb used.png\nRecap storage used per VM per Datastore/Nested VCFA/2.linux-rocky-nfs01-vmdk-8tb-vapp-td4yb150-nested-lab-vcf-automation.png\nRecap storage used per VM per Datastore/Nested VCFA/2.linux-rocky-nfs01-vmdk-8tb-vapp-td4yb150-nested-lab-vcf-automation.png\nRecap storage used per VM per Datastore/Nested VCFA/3.nested-vcf-fleet-lab-on-linux-nfs-thin-provisioned-565gb-space-used-vms.png\nRecap storage used per VM per Datastore/Nested VCFA/3.nested-vcf-fleet-lab-on-linux-nfs-thin-provisioned-565gb-space-used-vms.png\nRecap storage used per VM per Datastore/Nested VCFA/4.nested vcf fleet lab vms on linux nfs thin provisioned 565gb space used.png\nRecap storage used per VM per Datastore/Nested VCFA/4.nested vcf fleet lab vms on linux nfs thin provisioned 565gb space used.png\nVCF 9 Management Domain (ESXi, VCENTER, NSX, OPERATIONS, FLEET, COLLECTOR, without VCF Automation) 2 Nodes Physical deployed as thick is ~2700GB -\u0026gt; 227GB migrated to Linux NFS as thin\nGithub Fork vcf-9x-in-box-nfs Blog Serie Recap storage used per VM per Datastore/Physical Lab/1.-note-the-nfs-datastore-usage-warning.png\nRecap storage used per VM per Datastore/Physical Lab/1.-note-the-nfs-datastore-usage-warning.png\nRecap storage used per VM per Datastore/Physical Lab/2.windows nfs physical 4tb 800gb used freeing Terabytes of space.png\nRecap storage used per VM per Datastore/Physical Lab/2.windows nfs physical 4tb 800gb used freeing Terabytes of space.png\nRecap storage used per VM per Datastore/Physical Lab/3.windows nfs physical 4tb no vm stored.png\nRecap storage used per VM per Datastore/Physical Lab/3.windows nfs physical 4tb no vm stored.png\nRecap storage used per VM per Datastore/Physical Lab/4.linux rocky nfs00 vmdk 8tb 227gb used.png\nRecap storage used per VM per Datastore/Physical Lab/4.linux rocky nfs00 vmdk 8tb 227gb used.png\nRecap storage used per VM per Datastore/Physical Lab/5.linux rocky nfs00 vmdk 8tb all base vcf vms stored.png\nRecap storage used per VM per Datastore/Physical Lab/5.linux rocky nfs00 vmdk 8tb all base vcf vms stored.png\nLessons learned Creating a Linux VM on VMware Workstation with 8 bonded vNIC, and enabling NFS, in the same physical disk used by Windows Server for NFS allow quick (10GB/s) saving of valuable TB of space by Storage vMotion from thick to thin.\nNote: the price of SSD doubled since the end of last year in 2025. Live Storage vMotion of vCenter VM deployed by VCF will have ESXi prepared for NSX and an NSX Switch VDS that require NSX powered on to complete the operation.\nTo learn more on how NSX do the plumbing in VCF environment refer to NSX Reference Design Guide Windows Server for NFS and actual throughput are rather deceptive: NFS provisioning of thin VMs is inflated to thick (meaning we pay disk then fill them with zeroes to the point where we have no space to work) write throughput hit max 10G only using ntttcp but not in real usecase. Rocky Linux Minimal is rather simple to configure NFS and it support thin provisioning (no zeroes filling the space) and aggregating vNIC for more throughput. ","link":"https://strivevirtually.net/post/6.-vcf-9.0-homelab-save-tb-transitioning-windows-nfs-thick-to-rocky-linux-nfs-thin/","section":"post","tags":["Lab","Automation","VCF 9.0","VCF Installer","VCENTER","VMOTION","NSX","NFS","THICK","THIN","WINDOWS","LINUX"],"title":"**6. VCF 9.0 Homelab Save TB transitioning Windows NFS thick to Rocky Linux NFS thin**"},{"body":"","link":"https://strivevirtually.net/tags/linux/","section":"tags","tags":null,"title":"LINUX"},{"body":"","link":"https://strivevirtually.net/tags/thick/","section":"tags","tags":null,"title":"THICK"},{"body":"","link":"https://strivevirtually.net/tags/thin/","section":"tags","tags":null,"title":"THIN"},{"body":"","link":"https://strivevirtually.net/tags/vcf-9.0/","section":"tags","tags":null,"title":"VCF 9.0"},{"body":"","link":"https://strivevirtually.net/tags/vmotion/","section":"tags","tags":null,"title":"VMOTION"},{"body":"","link":"https://strivevirtually.net/tags/windows/","section":"tags","tags":null,"title":"WINDOWS"},{"body":"Github Repo https://github.com/abbedsedk/vcf-fleet-automated-lab-deployment/tree/master I have similar VLAN Fork that take VCF Workbook as guidelines for VCF 5.x\nGithub Repo and related blog\nAutomated VMware Cloud Foundation Lab Deployment Branch Fork Vlan Update Workload Domains support\nAnother of my VLAN Fork\nGithub Repo and related blog\nUPDATE - Contributed to Script - vSphere with Tanzu using NSX-T Automated Lab Deployment - Fork branch vlan\nVLAN Fork Changelog 01/04/2026\nRelated Blog Fixed shared storage datastore Added EVC variable if needed: $VCSAclusterEvcMode = \u0026quot;\u0026quot; #One among: INTEL_MEROM, INTEL_PENRYN, INTEL_NEALEM, INTEL_WESTMERE, INTEL_SANDYBRIDGE, INTEL_IVYBRIDGE, INTEL_HASWELL, INTEL_BROADWELL, INTEL_SKYLAKE, INTEL_CASCADELAKE, INTEL_ICELAKE, INTEL_SAPPHIRERAPIDS, AMD_REV_E, AMD_REV_F, AMD_GREYHOUND_NO3DNOW, AMD_GREYHOUND, AMD_BULLDOZER, AMD_PILEDRIVER, AMD_STREAMROLLER, AMD_ZEN, AMD_ZEN2, AMD_ZEN3, AMD_ZEN4 Added comment on variable $NestedESXiMGMTvMEM: Tips: 122GB for VCF single node with Wld VMs or 114GB for 2 nodes and with VCF automation enabled \u0026quot;$noVCFAutomation = 0\u0026quot; in sample but without Wld VMs \u0026quot;$deployNestedESXiVMsForWLD = 0\u0026quot; in deployment script 27/03/2026\nRelated Blog VLANs with reference taken from vcf-9.0-planning-and-preparation-workbook.xlsx Gateways Network subnets Added separate datastore for Management Domain and Workload Domain, also using local vmfs 2TB each (the lab consume less than 500GB overall), because my base vSphere (vCenter) on NFS here is running out of space Added variable $VCFWorkloadDomainNSXManagerSize = \u0026quot;small\u0026quot; Added creation of network pool for VSAN and VMOTION on Workload Domain based on network subnets Added variables $VCFInstallerVMvCPU and $VCFInstallerVMvMEM of VCF Installer VM, reducing by half from 4vCPU+16GBvMEM to 2vCPU+8GBvMEM Added variables $vGuestOS and $vHardwareVersion of vESXi VMs, increasing it from vmkernel8Guest+vmx-20 to vmkernel9Guest+vmx-22 default vmx-20, vmx-21 nvme 1.3c, vmx-22 nvme 1.4 ref. Added variable $noVCFAutomation to skip it in the deployment by setting it to 1 (default reducing by 24vCPU+96vMEM less the lab footprint) Added missing variables under \u0026quot;VCF Installer Setup\u0026quot; to allow 1 host VSAN cluster and, help in VSAN ESA deployment usecase, the code was already present Added check if vApp exist to run the script multiple times on the same vApp just by commenting the value of $random_string and replace its value with the deployment id generated in previous run Added ability to run multiple vApp while using the same VMs name by fixing $moveVMsIntovApp with trick previously shared by fellow vExpert LucD Changed default $VCSASize = \u0026quot;tiny\u0026quot; # default is small, tiny is good enough for LAB/POC seeing the number of VMs. ref. configmax Changed default $VCFOperationsSize = \u0026quot;xsmall\u0026quot; # default is small, xsmall is for under 700 objects, that's good enough for POC/LAB. ref. vcf-operations-90-sizing-guidelines 1. Deploy VCF Management Domain on 2 Nested Hosts wit VCF Automation on top of 2 physical host vsphere with Linux NFS running on VMware deploy/1.sum-mgmt.png\ndeploy/1.sum-mgmt.png\ndeploy/2.exec-mgmt.png\ndeploy/2.exec-mgmt.png\ndeploy/3.vcf installer ui monitor .png\ndeploy/3.vcf installer ui monitor .png\ndeploy/4.vcf installer cli monitor .png\ndeploy/4.vcf installer cli monitor .png\n2. Login VCF Automation 3. Reviewing why 8h VCF Automation deployment reviewing why 8h vcf automation/01.nested esx01 - sddcmgr - automation 83gb.png\nreviewing why 8h vcf automation/01.nested esx01 - sddcmgr - automation 83gb.png\nreviewing why 8h vcf automation/02.nested esx02 - vc - nsx - ops opsfm opsproxy.png\nreviewing why 8h vcf automation/02.nested esx02 - vc - nsx - ops opsfm opsproxy.png\nreviewing why 8h vcf automation/03.nested esx01 - resources 107gb ram.png\nreviewing why 8h vcf automation/03.nested esx01 - resources 107gb ram.png\nreviewing why 8h vcf automation/04.nested esx02 - resources 89gb ram.png\nreviewing why 8h vcf automation/04.nested esx02 - resources 89gb ram.png\nreviewing why 8h vcf automation/05.physical cluster 200gb ram used on 2 hosts nested vcf 9 mgmt domain with vcf automation.png\nreviewing why 8h vcf automation/05.physical cluster 200gb ram used on 2 hosts nested vcf 9 mgmt domain with vcf automation.png\nreviewing why 8h vcf automation/06.physical esx01 - resources 114gb ram.png\nreviewing why 8h vcf automation/06.physical esx01 - resources 114gb ram.png\nreviewing why 8h vcf automation/07.physical esx01 - vm resources.png\nreviewing why 8h vcf automation/07.physical esx01 - vm resources.png\nreviewing why 8h vcf automation/08.physical esx02 - resources 90gb ram.png\nreviewing why 8h vcf automation/08.physical esx02 - resources 90gb ram.png\nreviewing why 8h vcf automation/09.physical esx02 - vm resources.png\nreviewing why 8h vcf automation/09.physical esx02 - vm resources.png\nreviewing why 8h vcf automation/10.VCFA all night to deploy from 3gb to 83gb on nfs rocky9 in vmware workstation.png\nreviewing why 8h vcf automation/10.VCFA all night to deploy from 3gb to 83gb on nfs rocky9 in vmware workstation.png\nreviewing why 8h vcf automation/11.vcf ops and vcf automation component deployed.png\nreviewing why 8h vcf automation/11.vcf ops and vcf automation component deployed.png\nreviewing why 8h vcf automation/12.OPS-Fleet-mgmt-Lifecycle-VCF-mgmt-Tasks-VCF-Automation-deployment-completed-in-8h39m.png\nreviewing why 8h vcf automation/12.OPS-Fleet-mgmt-Lifecycle-VCF-mgmt-Tasks-VCF-Automation-deployment-completed-in-8h39m.png\nreviewing why 8h vcf automation/13.vcf ops - fleet management - vcf management - tasks - stage5 deploy vcf automation 7h26m.png\nreviewing why 8h vcf automation/13.vcf ops - fleet management - vcf management - tasks - stage5 deploy vcf automation 7h26m.png\nthe Error LCMVMSP10002 obviously show failed container deployment: 1 errorCause \u0026#34;: \u0026#34;[{ 2 \u0026#34;messageId\u0026#34;: \u0026#34;LCMVMSP10002\u0026#34;, 3 \u0026#34;message\u0026#34;: \u0026#34;Failed to deploy product on the application platform.\u0026#34;, 4 \u0026#34;eventId\u0026#34;: \u0026#34;89cdc443-3e7b-4c0f-bde0-60334d790ee6\u0026#34;, 5 \u0026#34;retry\u0026#34;: true, 6 \u0026#34;exceptionMessage\u0026#34;: \u0026#34;Product deployment failed.\u0026#34;, 7 \u0026#34;exceptionStackTrace\u0026#34;: \u0026#34;com.vmware.vrealize.lcm.vmsp.common.exception.DeploymentFailedException: n-- PACKAGE DEPLOYMENT [prelude/vcfa-bundle] STATUS: Progressing --npackage deployment is in progressn-- BUNDLE [prelude/vra] STATUS: Pushed --n-- HR [prelude/vksm-stack] READY: False (DependencyNotReady) --ndependency \u0026#39;prelude/vmsp-prelude-deployer\u0026#39; is not readyn-- HR [prelude/vmsp-prelude-deployer] READY: Unknown (Progressing) --nRunning \u0026#39;install\u0026#39; action with timeout of 1h0m0sn-- FAILED POD [prelude/abx-service-app-586db787c6-hbh44] --nDefaulted container \u0026#34; abx - service - app \u0026#34; out of: abx-service-app, abx-polyglot-runner, abx-service-dependencies (init)nError from server (BadRequest): container \u0026#34; abx - service - app \u0026#34; in pod \u0026#34; abx - service - app - 586db787c6 - hbh44 \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/adapter-host-service-app-6c9d665ff5-p8mzb] --nDefaulted container \u0026#34; adapter - host - service - app \u0026#34; out of: adapter-host-service-app, adapter-host-service-dependencies (init)nError from server (BadRequest): container \u0026#34; adapter - host - service - app \u0026#34; in pod \u0026#34; adapter - host - service - app - 6c9d665ff5 - p8mzb \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/approval-service-app-68bcd6786d-7w9kz] --nDefaulted container \u0026#34; approval - service - app \u0026#34; out of: approval-service-app, approval-service-dependencies (init), approval-service-init (init)nError from server (BadRequest): container \u0026#34; approval - service - app \u0026#34; in pod \u0026#34; approval - service - app - 68bcd6786d - 7w9kz \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/catalog-service-app-67dd96dfbd-jw9g7] --nDefaulted container \u0026#34; catalog - service - app \u0026#34; out of: catalog-service-app, catalog-service-dependencies (init), catalog-service-init (init)nError from server (BadRequest): container \u0026#34; catalog - service - app \u0026#34; in pod \u0026#34; catalog - service - app - 67dd96dfbd - jw9g7 \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/ccs-gateway-app-5fbc6ffc7-6vqq2] --nDefaulted container \u0026#34; ccs - gateway - app \u0026#34; out of: ccs-gateway-app, ccs-gateway-dependencies (init), ccs-gateway-init (init)nError from server (BadRequest): container \u0026#34; ccs - gateway - app \u0026#34; in pod \u0026#34; ccs - gateway - app - 5fbc6ffc7 - 6vqq2 \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/ccs-infra-eas-app-64c5646cf9-hd9bs] --nDefaulted container \u0026#34; ccs - infra - eas - app \u0026#34; out of: ccs-infra-eas-app, ccs-infra-eas-dependencies (init), ccs-infra-eas-init (init)nError from server (BadRequest): container \u0026#34; ccs - infra - eas - app \u0026#34; in pod \u0026#34; ccs - infra - eas - app - 64c5646cf9 - hd9bs \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/ccs-k3s-app-6f9c469c45-fj77s] --nDefaulted container \u0026#34; ccs - k3s - app \u0026#34; out of: ccs-k3s-app, nginx-proxy, ccs-k3s-dependencies (init)nError from server (BadRequest): container \u0026#34; ccs - k3s - app \u0026#34; in pod \u0026#34; ccs - k3s - app - 6f9c469c45 - fj77s \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/ccs-k3s-post-install-job-7t49h] --nDefaulted container \u0026#34; ccs - k3s - post - install - job \u0026#34; out of: ccs-k3s-post-install-job, ccs-k3s-post-install-dependencies (init)nError from server (BadRequest): container \u0026#34; ccs - k3s - post - install - job \u0026#34; in pod \u0026#34; ccs - k3s - post - install - job - 7t49h \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/cgs-service-app-c4bf4959-27fvn] --nDefaulted container \u0026#34; cgs - service - app \u0026#34; out of: cgs-service-app, cgs-service-dependencies (init), cgs-service-init (init)nError from server (BadRequest): container \u0026#34; cgs - service - app \u0026#34; in pod \u0026#34; cgs - service - app - c4bf4959 - 27fvn \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/form-service-app-746d9998b7-b4jtx] --nDefaulted container \u0026#34; form - service - app \u0026#34; out of: form-service-app, form-service-dependencies (init)nError from server (BadRequest): container \u0026#34; form - service - app \u0026#34; in pod \u0026#34; form - service - app - 746d9998b7 - b4jtx \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/hcmp-service-app-b6bc85d6c-lbmd8] --nDefaulted container \u0026#34; hcmp - service - app \u0026#34; out of: hcmp-service-app, hcmp-service-dependencies (init)nError from server (BadRequest): container \u0026#34; hcmp - service - app \u0026#34; in pod \u0026#34; hcmp - service - app - b6bc85d6c - lbmd8 \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/project-service-app-7ddd9768fc-jdz9t] --nDefaulted container \u0026#34; project - service - app \u0026#34; out of: project-service-app, project-service-dependencies (init)nError from server (BadRequest): container \u0026#34; project - service - app \u0026#34; in pod \u0026#34; project - service - app - 7ddd9768fc - jdz9t \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/provisioning-service-app-6df7747c47-qqqrm] --nDefaulted container \u0026#34; provisioning - service - app \u0026#34; out of: provisioning-service-app, provisioning-service-dependencies (init)nError from server (BadRequest): container \u0026#34; provisioning - service - app \u0026#34; in pod \u0026#34; provisioning - service - app - 6df7747c47 - qqqrm \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/relocation-service-app-798cb79565-7bm69] --nDefaulted container \u0026#34; relocation - service - app \u0026#34; out of: relocation-service-app, relocation-service-dependencies (init)nError from server (BadRequest): container \u0026#34; relocation - service - app \u0026#34; in pod \u0026#34; relocation - service - app - 798cb79565 - 7bm69 \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/tango-blueprint-service-app-57bd9b4bc4-cjbmc] --nDefaulted container \u0026#34; tango - blueprint - service - app \u0026#34; out of: tango-blueprint-service-app, tango-blueprint-service-dependencies (init), tango-blueprint-service-init (init)nError from server (BadRequest): container \u0026#34; tango - blueprint - service - app \u0026#34; in pod \u0026#34; tango - blueprint - service - app - 57bd9b4bc4 - cjbmc \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/tango-vro-gateway-app-c49b8df64-wzl27] --nDefaulted container \u0026#34; tango - vro - gateway - app \u0026#34; out of: tango-vro-gateway-app, tango-vro-gateway-dependencies (init)nError from server (BadRequest): container \u0026#34; tango - vro - gateway - app \u0026#34; in pod \u0026#34; tango - vro - gateway - app - c49b8df64 - wzl27 \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/terraform-service-app-5696b8cb96-j46gh] --nDefaulted container \u0026#34; terraform - service - app \u0026#34; out of: terraform-service-app, blueprint-provider-executor, terraform-service-dependencies (init)nError from server (BadRequest): container \u0026#34; terraform - service - app \u0026#34; in pod \u0026#34; terraform - service - app - 5696b8cb96 - j46gh \u0026#34; is waiting to start: PodInitializingn-- FAILED POD [prelude/vco-app-0] --nDefaulted container \u0026#34; vco - polyglot - runner \u0026#34; out of: vco-polyglot-runner, vco-server-app, vco-dependencies (init), external-cert (init), install-rpms (init)nError from server (BadRequest): container \u0026#34; vco - polyglot - runner \u0026#34; in pod \u0026#34; vco - app - 0 \u0026#34; is waiting to start: PodInitializingnntat com.vmware.vrealize.lcm.vmsp.plugin.tasks.VmspPkgPushTask.execute(VmspPkgPushTask.java:78)ntat com.vmware.vrealize.lcm.vmsp.plugin.tasks.VmspPkgPushTask.retry(VmspPkgPushTask.java:114)ntat com.vmware.vrealize.lcm.automata.core.TaskThread.run(TaskThread.java:60)ntat java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)ntat java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)ntat java.base/java.lang.Thread.run(Unknown Source)n\u0026#34;, 8 \u0026#34;localizedMessageId\u0026#34;: \u0026#34;*****\u0026#34;, 9 \u0026#34;parameters\u0026#34;: null, 10 \u0026#34;properties\u0026#34;: {} 11 } How many time does the error occured ?\nvcf@inst01 [ ~ ]$ cat /var/log/vmware/vcf/domainmanager/domainmanager.log | grep LCMVMSP10002 | wc -l\n169 4. Conclusion VCF Automation 96GB need to be either with a 8GB vm or alone in 114GB Nested ESXi Host ESXi SDDC Manager and VCF Automation resources during and after successful deployment of VCFA.\nJust as reminder SDDC Manager deployment is with 16GB of RAM and no way unlike VCF Installer to modify its deployment to 8GB of RAM like in the deploytment script VLAN Fork.\nThis is the root cause of the problem here.\nSo eventually ESXi scheduler reduce SDDC Manager in favor of VCF Automation.\ndeploy/during and after vcfa deployment/1.esx01-sddcm-16gb-during-vcfa-55gb.png\ndeploy/during and after vcfa deployment/1.esx01-sddcm-16gb-during-vcfa-55gb.png\ndeploy/during and after vcfa deployment/2.esx01-sddcm-8gb-after-vcfa-83gb.png\ndeploy/during and after vcfa deployment/2.esx01-sddcm-8gb-after-vcfa-83gb.png\n5. What have been tried during deployment vm pinning\ndeploy/vm pinning/host-vm-groups.png\ndeploy/vm pinning/host-vm-groups.png\ndeploy/vm pinning/host-vm-rules.png\ndeploy/vm pinning/host-vm-rules.png\nmanual migration fail due to different CPU generation\ndeploy/manual migration fail due to different CPU generation/1.sddcm migrate change compute resource only .png\ndeploy/manual migration fail due to different CPU generation/1.sddcm migrate change compute resource only .png\ndeploy/manual migration fail due to different CPU generation/2.target host does not support current hdw requirements.png\ndeploy/manual migration fail due to different CPU generation/2.target host does not support current hdw requirements.png\ndeploy/manual migration fail due to different CPU generation/3.hardware requirements XSAVE of PKRU - PKU - INVPCID.png\ndeploy/manual migration fail due to different CPU generation/3.hardware requirements XSAVE of PKRU - PKU - INVPCID.png\n6. Using EVC added in generated VCF json deployment result VCF Automation deploy in 2h36m redeploy with EVC/1.sum-mgmt.png\nredeploy with EVC/1.sum-mgmt.png\nredeploy with EVC/2.exec-mgmt.png\nredeploy with EVC/2.exec-mgmt.png\nredeploy with EVC/3.Congratulations!-Your-deployment-completed-successfully!.png\nredeploy with EVC/3.Congratulations!-Your-deployment-completed-successfully!.png\nredeploy with EVC/4.VCF-9-deployment-VCF-automation-in-2h36m.png\nredeploy with EVC/4.VCF-9-deployment-VCF-automation-in-2h36m.png\nNote: In my case, because i have CPUs from different Generation (Ryzen 5950X ESX01 and Ryzen 3900 ESX02) and,\nbecause SDDC Manager is deployed before vCenter configure the Cluster (also with EVC),\nthat SDDCM was running on higher CPU features set on ESX01 and configuration of EVC stopped VCF Installer,\nI had to shutdown SDDCM then enable EVC Zen Gen 2 (it would not take Zen Gen 3 for some reasons although the lowest CPU 3900 is Gen 3),\nthen I powered on SDDCM it came back in ESX01 with Automation,\nI was able to vmotion to ESX02 and VCF Operations took its place but,\nthankfully I had set VCF Ops in Extra Small form factor so it consume only 8GB of ram max with VCFA consuming 96GB of ram max.\nAll that can happen very quickly in a few minutes!\nThere may be other ways to fix this ...\nStay tunned, i'll add brownfield convert vSphere to VCF in the script!\n","link":"https://strivevirtually.net/post/automated-vmware-cloud-foundation-lab-vcf-9.x-fleet-deployment-vlan-fork---with-vcf-automation/","section":"post","tags":["Lab","Automation","VCF 9.0","VCF Planning and Preparation workbook","VCF Installer","SDDC Manager","VCF Operations","VCF Automation","LCMVMSP10002","VCENTER","EVC","ESXI","NESTED ESXI","VSAN","NSX","Fleet","VCF Management Workload Domain","VLAN","Vyos","DNS","NTP","NFS"],"title":"**Automated VMware Cloud Foundation Lab (VCF) 9.x Fleet Deployment VLAN Fork - with VCF Automation**"},{"body":"","link":"https://strivevirtually.net/tags/fleet/","section":"tags","tags":null,"title":"Fleet"},{"body":"","link":"https://strivevirtually.net/tags/lcmvmsp10002/","section":"tags","tags":null,"title":"LCMVMSP10002"},{"body":"","link":"https://strivevirtually.net/tags/vcf-automation/","section":"tags","tags":null,"title":"VCF Automation"},{"body":"","link":"https://strivevirtually.net/tags/vcf-management-workload-domain/","section":"tags","tags":null,"title":"VCF MANAGEMENT WORKLOAD DOMAIN"},{"body":"Github Repo https://github.com/abbedsedk/vcf-fleet-automated-lab-deployment/tree/master I have similar VLAN Fork that take VCF Workbook as guidelines for VCF 5.x\nGithub Repo and related blog Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan Update Workload Domains support\nAnother of my VLAN Fork\nGithub Repo and related blog UPDATE - Contributed to Script - vSphere with Tanzu using NSX-T Automated Lab Deployment - Fork branch vlan\nVLAN Fork Changelog 01/04/2026\nRelated Blog Fixed shared storage datastore Added EVC variable if needed: $VCSAclusterEvcMode = \u0026quot;\u0026quot; #One among: INTEL_MEROM, INTEL_PENRYN, INTEL_NEALEM, INTEL_WESTMERE, INTEL_SANDYBRIDGE, INTEL_IVYBRIDGE, INTEL_HASWELL, INTEL_BROADWELL, INTEL_SKYLAKE, INTEL_CASCADELAKE, INTEL_ICELAKE, INTEL_SAPPHIRERAPIDS, AMD_REV_E, AMD_REV_F, AMD_GREYHOUND_NO3DNOW, AMD_GREYHOUND, AMD_BULLDOZER, AMD_PILEDRIVER, AMD_STREAMROLLER, AMD_ZEN, AMD_ZEN2, AMD_ZEN3, AMD_ZEN4 Added comment on variable $NestedESXiMGMTvMEM: Tips: 122GB for VCF single node with Wld VMs or 114GB for 2 nodes and with VCF automation enabled \u0026quot;$noVCFAutomation = 0\u0026quot; in sample but without Wld VMs \u0026quot;$deployNestedESXiVMsForWLD = 0\u0026quot; in deployment script 27/03/2026\nVLANs with reference taken from vcf-9.0-planning-and-preparation-workbook.xlsx Gateways Network subnets Added separate datastore for Management Domain and Workload Domain, also using local vmfs 2TB each (the lab consume less than 500GB overall), because my base vSphere (vCenter) on NFS here is running out of space Added variable $VCFWorkloadDomainNSXManagerSize = \u0026quot;small\u0026quot; Added creation of network pool for VSAN and VMOTION on Workload Domain based on network subnets Added variables $VCFInstallerVMvCPU and $VCFInstallerVMvMEM of VCF Installer VM, reducing by half from 4vCPU+16GBvMEM to 2vCPU+8GBvMEM Added variables $vGuestOS and $vHardwareVersion of vESXi VMs, increasing it from vmkernel8Guest+vmx-20 to vmkernel9Guest+vmx-22 default vmx-20, vmx-21 nvme 1.3c, vmx-22 nvme 1.4 ref. Added variable $noVCFAutomation to skip it in the deployment by setting it to 1 (default reducing by 24vCPU+96vMEM less the lab footprint) Added missing variables under \u0026quot;VCF Installer Setup\u0026quot; to allow 1 host VSAN cluster and, help in VSAN ESA deployment usecase, the code was already present Added check if vApp exist to run the script multiple times on the same vApp just by commenting the value of $random_string and replace its value with the deployment id generated in previous run Added ability to run multiple vApp while using the same VMs name by fixing $moveVMsIntovApp with trick previously shared by fellow vExpert LucD Changed default $VCSASize = \u0026quot;tiny\u0026quot; # default is small, tiny is good enough for LAB/POC seeing the number of VMs. ref. configmax Changed default $VCFOperationsSize = \u0026quot;xsmall\u0026quot; # default is small, xsmall is for under 700 objects, that's good enough for POC/LAB. ref. vcf-operations-90-sizing-guidelines 1 Node Management Domain under 128GB of RAM mgmt/1.sum-mgmt.png\nmgmt/1.sum-mgmt.png\nmgmt/2.exec-mgmt.png\nmgmt/2.exec-mgmt.png\nmgmt/3.vcf installer deployment progress start.png\nmgmt/3.vcf installer deployment progress start.png\nmgmt/4.Congratulations Your deployment completed successfully.png\nmgmt/4.Congratulations Your deployment completed successfully.png\nmgmt/5.ops first login.png\nmgmt/5.ops first login.png\nmgmt/6.wait ops home metrics.png\nmgmt/6.wait ops home metrics.png\nReduce memory footprint before VI Workload Domain Deployment https://williamlam.com/2023/09/what-is-vc-ws1a-broker-service-on-vcenter-server-appliance-vcsa.html\n1vmon-cli --stop vc-ws1a-broker 2vmon-cli --update vc-ws1a-broker --starttype DISABLE Although the Identity service consume 2GB of memory, after shutting down VCSA, I went on to reduce by 6GB from 14GB to 8GB and it worked for the less than 10 VMs and 1 Host we have here. For those that recall this VCSA tiny memory value of 8GB was back in days of vCenter version 6.0, ten years ago in 2016.\nThis reduction can be applied to all 3 vCenter:\nthe one running on physical host, the one running on nested host mgmt domain at minimum, the one running again on nested host mgmt domain but for VI wld domain.\nNow let's compare vCenter small form factor versus tiny light (just to rebrand the form factor reduced):\nsmall 3x21GB = 63GB , tiny light 3x8GB = 24GB.\nTo summarize, 40GB of RAM memory saved with little effort: SSH vCenter - Disable service vc-ws1a-broker - Shutdown vCenter - Edit Memory - Power back on.\nLast Note: On one hand RAM pricing increased 10 times, on the other hand lab workload are not meant to hold neither scaleup nor scaleout of configmax, so keeping a sense of proportion helps. Needed documentation for VCF 9 Management Domain startup order link\nreduce memory footprint before wld/1.stop and disable identity service of vcsa.png\nreduce memory footprint before wld/1.stop and disable identity service of vcsa.png\nreduce memory footprint before wld/2.reduce nested vcsa vm memory even more from 14gb to 8gb.png\nreduce memory footprint before wld/2.reduce nested vcsa vm memory even more from 14gb to 8gb.png\nreduce memory footprint before wld/3.wait 10min nested vcsa to fully boot when cpu settle down.png\nreduce memory footprint before wld/3.wait 10min nested vcsa to fully boot when cpu settle down.png\nreduce memory footprint before wld/4.expected ram footprint reduced to 84gb from 90gb for vcf 9 mgmt domain.png\nreduce memory footprint before wld/4.expected ram footprint reduced to 84gb from 90gb for vcf 9 mgmt domain.png\nreduce memory footprint before wld/5.shut down Lab vApp and move out vcf installer vm then power on Lab vApp.png\nreduce memory footprint before wld/5.shut down Lab vApp and move out vcf installer vm then power on Lab vApp.png\nreduce memory footprint before wld/6.start order vcf management.png\nreduce memory footprint before wld/6.start order vcf management.png\nreduce memory footprint before wld/7.ops view after shutdown vApp no more reduction 84gb from 90gb for vcf 9 mgmt domain.png\nreduce memory footprint before wld/7.ops view after shutdown vApp no more reduction 84gb from 90gb for vcf 9 mgmt domain.png\nreduce memory footprint before wld/8.nested vcenter less than 80gb of ram used.png\nreduce memory footprint before wld/8.nested vcenter less than 80gb of ram used.png\n2 Nodes Workload VI Domain under 128GB of RAM wld/1.sum-wld.png\nwld/1.sum-wld.png\nwld/2.exec-wld.png\nwld/2.exec-wld.png\nwld/3.ops fleet management tasks create vi wld domain deploy vcenter.png\nwld/3.ops fleet management tasks create vi wld domain deploy vcenter.png\nwld/4.ops fleet management tasks successfully create vi wld domain deploy vcenter.png\nwld/4.ops fleet management tasks successfully create vi wld domain deploy vcenter.png\nwld/5.ops inventory vi domain.png\nwld/5.ops inventory vi domain.png\nResources and networking both physical and nested resources and networking both physical and nested/1.resources nested esxi workload domain.png\nresources and networking both physical and nested/1.resources nested esxi workload domain.png\nresources and networking both physical and nested/2.vmkernel nested esxi workload domain.png\nresources and networking both physical and nested/2.vmkernel nested esxi workload domain.png\nresources and networking both physical and nested/3.resources nested esxi management domain.png\nresources and networking both physical and nested/3.resources nested esxi management domain.png\nresources and networking both physical and nested/4.vmkernel nested esxi management domain.png\nresources and networking both physical and nested/4.vmkernel nested esxi management domain.png\nresources and networking both physical and nested/5.resources physical esxi02 hosting VCF management domain.png\nresources and networking both physical and nested/5.resources physical esxi02 hosting VCF management domain.png\nresources and networking both physical and nested/6.resources physical esxi01 hosting VCF VI workload domain.png\nresources and networking both physical and nested/6.resources physical esxi01 hosting VCF VI workload domain.png\nresources and networking both physical and nested/7.networking physical Lab DVS.png\nresources and networking both physical and nested/7.networking physical Lab DVS.png\nresources and networking both physical and nested/8.networking physical esx02 vyos plumbing DVPG_FOR_VM_MANAGEMENT and DVPG_FOR_VMTRUNK.png\nresources and networking both physical and nested/8.networking physical esx02 vyos plumbing DVPG_FOR_VM_MANAGEMENT and DVPG_FOR_VMTRUNK.png\nresources and networking both physical and nested/9.networking physical esx02 vyos interfaces and virtual interfaces IPs.png\nresources and networking both physical and nested/9.networking physical esx02 vyos interfaces and virtual interfaces IPs.png\nStay tunned, i'll add brownfield convert vSphere to VCF in the script!\n","link":"https://strivevirtually.net/post/automated-vmware-cloud-foundation-lab-vcf-9.x-fleet-deployment-vlan-fork/","section":"post","tags":["Lab","Automation","VCF 9.0","VCF Planning and Preparation workbook","VCF Installer","SDDC Manager","VCF Operations","VCENTER","ESXI","NESTED ESXI","VSAN","NSX","Fleet","VCF Management Workload Domain","VCF VI Workload Domain","VLAN","Vyos","DNS","NTP"],"title":"**Automated VMware Cloud Foundation Lab (VCF) 9.x Fleet Deployment VLAN Fork**"},{"body":"","link":"https://strivevirtually.net/tags/vcf-vi-workload-domain/","section":"tags","tags":null,"title":"VCF VI WORKLOAD DOMAIN"},{"body":"Since the end of year 2025 we have the ability to generate Download Token in Alpine page for VMUG Advantage members certified VCP-VCF/VCP-VVF,\nbefore that the workaround i asked in vExpert Discord chat server after i got certified in the end June 2025 and coincidentally VCF Engineering had the same idea (most probably because William Lam passed VCP-VCF the same day as me), that was having Offline depot metadata available as well for download, it helped for the last 6 months but has no more reasons to exist,\nand thus the metadata zip files of all version of VCF 9 are no longer available for download in Broadcom Suport Portal since this year 2026.\nIn this blog post i'll walk you through using VCF Download Tool with download token to download the metadata in seconds along with building the offline depot folder hierarchy.\nEnough reading you'll find below the links, images and command line.\n1 login Broadcom Support Portal https://support.broadcom.com 2 login Alpine Support Portal and generate download token https://support.broadcom.com/group/ecx/alpine-certificate copy the token in a token.txt\n3 back to BSP download VCF download tool VCFDT https://support.broadcom.com/group/ecx/productfiles?subFamily=VMware%20Cloud%20Foundation\u0026amp;displayGroup=VMware%20Cloud%20Foundation%209\u0026amp;release=9.0.2.0\u0026amp;os=\u0026amp;servicePk=537791\u0026amp;language=EN 4 download VCF offline depot metadata with VCFDT Extract the tar in the tgz achive and extract the tar with the same name\ncopy token.txt in /bin directory\n1cd bin 2.\\vcf-download-tool.bat metadata download --depot-store=../../depot-9.0.2.0 --depot-download-token-file=token.txt if you're on linux then ommit the .bat that is for windows user\nfor --depot-store this is where '../../' the offline depot folder will be created with its name 'depot-9.0.2.0'\nfor --depot-download-token-file the token.txt has been placed in the /bin with the executable\nDon't forget to copy all the binaries in their respective folder.\n1. VCF 9.0 Homelab Physical Setup and almost complete BOM under 1000€\n2. VCF 9.0 Homelab Infrasturcture Services Setup\n3. VCF 9.0 Homelab Repeatable Wipe and Reload from Buildup to Validations\n4. VCF 9.0 Homelab Deploy on NFSv3 with Workarounds\n","link":"https://strivevirtually.net/post/5.-vcf-9.0-homelab-offline-depot-with-generated-download-token-for-certified-vcp-vcf-vmug-advantage-members/","section":"post","tags":["Homelab","VCF 9.0","VMUG Advantage","VCP-VCF","VCP-VVF","DOWNLOAD TOKEN","VCF OFFLINE DEPOT","METADATA","VCF 9 LICENSES"],"title":"**5. VCF 9.0 Homelab Offline Depot with generated download token for certified VCP-VCF VMUG Advantage members**"},{"body":"","link":"https://strivevirtually.net/tags/download-token/","section":"tags","tags":null,"title":"DOWNLOAD TOKEN"},{"body":"","link":"https://strivevirtually.net/tags/homelab/","section":"tags","tags":null,"title":"Homelab"},{"body":"","link":"https://strivevirtually.net/tags/metadata/","section":"tags","tags":null,"title":"METADATA"},{"body":"","link":"https://strivevirtually.net/categories/serie/","section":"categories","tags":null,"title":"Serie"},{"body":"","link":"https://strivevirtually.net/tags/vcf-9-licenses/","section":"tags","tags":null,"title":"VCF 9 LICENSES"},{"body":"","link":"https://strivevirtually.net/tags/vcf-offline-depot/","section":"tags","tags":null,"title":"VCF OFFLINE DEPOT"},{"body":"","link":"https://strivevirtually.net/tags/vcp-vcf/","section":"tags","tags":null,"title":"VCP-VCF"},{"body":"","link":"https://strivevirtually.net/tags/vcp-vvf/","section":"tags","tags":null,"title":"VCP-VVF"},{"body":"","link":"https://strivevirtually.net/tags/vmug-advantage/","section":"tags","tags":null,"title":"VMUG Advantage"},{"body":"vCenter depoyed and operational in 21min deployment begin with and finish deploying the vCenter OVA in 5min and then became operational in 21min Fail 1 NTP CREATE_VI_PREVALIDATE_FAILED Pre-validation of Workload Domain creation failed with the following messages: NTP Server(s) is/are not available: 192.168.1.100 Solution restart VCF Installer Wait a little more than 10min watching Active Memory usage hit retry Fail 2 vmknic on ESXi02 can't remove vswitch is in use Solution remove remanant vmknic VMK3 created with the kickstart that was giving route to NFS hit retry NSX deployed and operational in 19min nsx ova finish deployed in 13min and operational in 19min Sddcm storage vmotion in 1h40min into NFS Datastore Tips:\ndon't login into expired UI session stop following log VCF Operations deployed in 1h 5h VCF 9 deployment from start download bundle in offline depot to finish first health check successfully Resources Consumed Lesson learn from this 105GB RAM actively consumed, one may think shrinking the resources to 2 hosts of 64GB of RAM with memory tiering may be possible to get VCF 9 Hands-on experience. Shutdown VCF Management Domain on NFS Pay attention to how VCF Operations is shutdown by following the links in the doc. https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-0/fleet-management/vcf-shutdown-and-startup/vcf-shutdown/shut-down-the-management-domain.html\nhttps://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-0/fleet-management/vcf-shutdown-and-startup/vcf-shutdown/shut-down-the-management-domain/shut-down-the-esx-hosts-in-management-domain/shut-down-esx-hosts-without-vsan-storage.html\nThis conclude Day 1 Operations of VCF 9 Management Domain Deployed on NFSv3.\nStart VCF Management Domain on NFS https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-0/fleet-management/vcf-shutdown-and-startup/sddc-startup/start-the-management-domain/start-the-esx-hosts-and-vcenter-server-in-management-domain/start-esx-hosts-without-vsan-storage-in-the-management-domain.html\nAfter powering vCenter and before exiting ESXi02 from Maintenance mode,\nWe will fix NFS connectivity on ESXi02 What is the problem:\nESXi02 in maintenance - day 2 fix NFS connectivity Confirm ESXi02 vmknic for NFS network is vmk1 and start ssh service Remove and re add NFS datastore with vmknic binding and 8 connections 1[root@vcf9-esx02:~] esxcli storage nfs list 2Volume Name Host Share Vmknic Accessible Mounted Connections Read-Only isPE Hardware Acceleration 3------------------ ------------- ---------- ------ ---------- ------- ----------- --------- ----- --------------------- 4NFS-Mgmt-Datastore 172.30.50.250 /vcf1-mgmt None true true 1 false false Not Supported 5[root@vcf9-esx02:~] esxcli storage nfs remove -v NFS-Mgmt-Datastore 6[root@vcf9-esx02:~] esxcli storage nfs list 7[root@vcf9-esx02:~] 8[root@vcf9-esx02:~] esxcfg-advcfg -s 8 /NFS/MaxConnectionsPerDatastore 9Value of MaxConnectionsPerDatastore is 8 10[root@vcf9-esx02:~] esxcli storage nfs add -I 172.30.50.250:vmk1 -s /vcf1-mgmt -v NFS-Mgmt-Datastore -c 8 11[root@vcf9-esx02:~] esxcli storage nfs list 12Volume Name Host Share Vmknic Accessible Mounted Connections Read-Only isPE Hardware Acceleration 13------------------ ------------- ---------- ------ ---------- ------- ----------- --------- ----- --------------------- 14NFS-Mgmt-Datastore 172.30.50.250 /vcf1-mgmt vmk1 true true 8 false false Not Supported source: https://knowledge.broadcom.com/external/article/313464/support-for-nconnect-feature-added-in-es.html\nConfirm ESXi02 NFS connectivity has vmknic binding and 8 connections Note the NFS datastore usage warning ESXi02 exit maintenance mode\nnfs-fix-after-shutdown-vcf-and-start-vcf/1.-esx02-in-maintenance-day-2-fix-nfs-connectivity.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/1.-esx02-in-maintenance-day-2-fix-nfs-connectivity.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/2.-confirm-esx02-vmknic-for-nfs-network-is-vmk1-and-start-ssh-service.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/2.-confirm-esx02-vmknic-for-nfs-network-is-vmk1-and-start-ssh-service.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/3.-remove-and-re-add-nfs-datastore-with-vmknic-binding-and-8-connections.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/3.-remove-and-re-add-nfs-datastore-with-vmknic-binding-and-8-connections.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/4.-confirm-esx02-nfs-connectivity-has-vmknic-binding-and-8-connections.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/4.-confirm-esx02-nfs-connectivity-has-vmknic-binding-and-8-connections.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/5.-note-the-nfs-datastore-usage-warning.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/5.-note-the-nfs-datastore-usage-warning.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/6.-esx02-exit-maintenance-mode.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/6.-esx02-exit-maintenance-mode.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/7.-start-order-vcf.png\nnfs-fix-after-shutdown-vcf-and-start-vcf/7.-start-order-vcf.png\nNFS max connections and vmknic binding fixed!\nhttps://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-0/fleet-management/vcf-shutdown-and-startup/sddc-startup/start-the-management-domain.html This is start of Day 2 operations.\n1. VCF 9.0 Homelab Physical Setup and almost complete BOM under 1000€\n2. VCF 9.0 Homelab Infrasturcture Services Setup\n3. VCF 9.0 Homelab Repeatable Wipe and Reload from Buildup to Validations\n4. VCF 9.0 Homelab Deploy on NFSv3 with Workarounds\n5. VCF 9.0 Homelab Offline Depot with generated download token for certified VCP-VCF VMUG Advantage members\n","link":"https://strivevirtually.net/post/4.-vcf-9.0-homelab-deploy-on-nfsv3-with-workarounds/","section":"post","tags":["Homelab","VCF 9.0","NTP","NFS","Deploy","VCF Installer","Workaround"],"title":"**4. VCF 9.0 Homelab Deploy on NFSv3 with Workarounds**"},{"body":"","link":"https://strivevirtually.net/tags/deploy/","section":"tags","tags":null,"title":"Deploy"},{"body":"","link":"https://strivevirtually.net/tags/workaround/","section":"tags","tags":null,"title":"Workaround"},{"body":"First and foremost this serie of posts rely on this repo https://github.com/abbedsedk/vcf-9x-in-box-nfs Before we begin let's prepare ESXi kickstart KS1.CFG\n1vmaccepteula 2#Using USB Key as install and boot device 3install --disk=mpx.vmhba32:C0:T0:L0 --overwritevmfs 4reboot 5 6network --bootproto=static --vlanid=300 --ip=172.30.0.10 --netmask=255.255.255.0 --gateway=172.30.0.253 --hostname=vcf9-esx01.abidi.systems --nameserver=192.168.1.100 --addvmportgroup=1 7rootpw VMware1! 8 9%firstboot --interpreter=busybox 10 11 12#!/bin/ash 13# Author: William Lam 14# Contributor: Abbed Sedkaoui 15# Description: Create required partitions on single NVMe device for vSphere NVMe Tiering, ESXi-OSData and VMFS 16# Updated Configure NFS and configure customized SMBIOS when 2 motherboard with different Manufacturer and Model 17 18# SSD Device Name (as shown in vdq -q) Fanxiang S790 2TB 19SSD_DEVICE=\u0026#34;t10.NVMe____Fanxiang_S790_2TB_______________________8607144202D5820C\u0026#34; 20 21# Size in GB for NVMe Tiering 22NVME_TIERING_SIZE_IN_GB=256 23 24# Size in GB for ESXi OSData 25OSDATA_SIZE_IN_GB=32 26 27# Name for VMFS datastore 28VMFS_DATASTORE_NAME=\u0026#34;local-vmfs-datastore-1\u0026#34; 29 30NTP_SERVER=192.168.1.100 31SSH_ROOT_KEY=\u0026#34;\u0026#34; 32MANAGEMENT_VLAN=300 33MANAGEMENT_VSWITCH_MTU=1700 34 35NFS_VLAN=3050 36NFS_MTU=1500 37NFS_VMK1_IP=172.30.50.150 38NFS_SERVER_IP=172.30.50.250 39NFS_SHARE_MOUNTPOINT=\u0026#34;/vcf1-mgmt\u0026#34; 40NFS_DATASTORE_NAME=\u0026#34;NFS-Mgmt-Datastore\u0026#34; 41 42 43# Generate-CustomESXiSMBIOS PS function with doubling backslash inside curly brackets and, adding backslash before curly brackets and, single quote wrap everything 44CUSTOMIZED_SMBIOS=\u0026#39;vsish -e set /hardware/bios/dmiInfo \\{\\\\\u0026#34;MS-7C37\\\\\u0026#34;, \\\\\u0026#34;Micro-Star International Co., Ltd.\\\\\u0026#34;, \\\\\u0026#34;To be filled by O.E.M.\\\\\u0026#34;, [07, 127, 222, 10, 106, 137, 23, 115, 168, 123, 216, 187, 193, 84, 28, 225], \\\\\u0026#34;1.0.0\\\\\u0026#34;, 6, \\\\\u0026#34;SKU To be filled by O.E.M.\\\\\u0026#34;, \\\\\u0026#34;To be filled by O.E.M.\\\\\u0026#34;\\}\u0026#39; 45#CUSTOMIZED_SMBIOS=\u0026#34;\u0026#34; KS2.CFG\n1vmaccepteula 2install --disk=mpx.vmhba32:C0:T0:L0 --overwritevmfs 3reboot 4 5network --bootproto=static --vlanid=300 --ip=172.30.0.11 --netmask=255.255.255.0 --gateway=172.30.0.253 --hostname=vcf9-esx02.abidi.systems --nameserver=192.168.1.100 --addvmportgroup=1 6rootpw VMware1! 7 8%firstboot --interpreter=busybox 9 10#!/bin/ash 11# Author: William Lam 12# Contributor: Abbed Sedkaoui 13# Description: Create required partitions on single NVMe device for vSphere NVMe Tiering, ESXi-OSData and VMFS 14# Updated Configure NFS 15 16# SSD Device Name (as shown in vdq -q) Fanxiang S880 2TB 17SSD_DEVICE=\u0026#34;t10.NVMe____Fanxiang_S880_2TB_______________________1100535202D5820C\u0026#34; 18 19# Size in GB for NVMe Tiering 20NVME_TIERING_SIZE_IN_GB=256 21 22# Size in GB for ESXi OSData 23OSDATA_SIZE_IN_GB=32 24 25# Name for VMFS datastore 26VMFS_DATASTORE_NAME=\u0026#34;local-vmfs-datastore-2\u0026#34; 27 28NTP_SERVER=192.168.1.100 29SSH_ROOT_KEY=\u0026#34;\u0026#34; 30MANAGEMENT_VLAN=300 31MANAGEMENT_VSWITCH_MTU=1700 32 33NFS_VLAN=3050 34NFS_MTU=1500 35NFS_VMK3_IP=172.30.50.152 36NFS_SERVER_IP=172.30.50.250 Reusing 2 different Motherboard Manufacturer and Model is possible by providing Custom SMBIOS strings - if the 2 hosts have identical Manufacturer and Model leave CUSTOMIZED_SMBIOS=\u0026quot;\u0026quot; https://williamlam.com/2025/01/easier-method-to-simulate-custom-esxi-smbios-hardware-strings.html\nI install ESX02 on an MSI X570-A PRO,\nand ESX01 on an Asrock B550 PRO4.\nI used the MSI X570-A PRO as source when running the PS function to generate custom SMBIOS string similar to it for ESX01.\n1source 2 3vsish -e get /hardware/bios/dmiInfo 4 5[root@vcf9-esx02:~] vsish -e get /hardware/bios/dmiInfo 6System Information (type1) { 7 Product Name:MS-7C37 8 Vendor Name:Micro-Star International Co., Ltd. 9 Serial Number:To be filled by O.E.M. 10 UUID:[0]: 0x0a 11 [1]: 0xde 12 [2]: 0x7f 13 [3]: 0x07 14 [4]: 0x89 15 [5]: 0x6a 16 [6]: 0x73 17 [7]: 0x17 18 [8]: 0xa8 19 [9]: 0x7b 20 [10]: 0xd8 21 [11]: 0xbb 22 [12]: 0xc1 23 [13]: 0x54 24 [14]: 0x1c 25 [15]: 0xe1 26 Version:3.0 27 Wake-up Type:6 28 SKU Number:To be filled by O.E.M. 29 Family:To be filled by O.E.M. 30} 31 32 33 34 UUID:[0]: 0x0a [1]: 0xde [2]: 0x7f [3]: 0x07 [4]: 0x89 [5]: 0x6a [6]: 0x73 [7]: 0x17 [8]: 0xa8 [9]: 0x7b [10]: 0xd8 [11]: 0xbb [12]: 0xc1 [13]: 0x54 [14]: 0x1c [15]: 0xe1 350ade7f07-896a-7317-a87b-d8bbc1541ce1 36 37On Powershell either by copy pasting the snippet from the link above in PS terminal or by sourcing the file of the function if it\u0026#39;s saved, i choose pasting the function snippet. 38Then call the function as described in the articles. 39 40Generate-CustomESXiSMBIOS -Uuid \u0026#34;0ade7f07-896a-7317-a87b-d8bbc1541ce1\u0026#34; -Model \u0026#34;MS-7C37\u0026#34; -Vendor \u0026#34;Micro-Star International Co., Ltd.\u0026#34; -Serial \u0026#34;To be filled by O.E.M.\u0026#34; -SKU \u0026#34;To be filled by O.E.M.\u0026#34; -Family \u0026#34;To be filled by O.E.M.\u0026#34; Additionally to running or sourcing the Powershell function Generate-CustomESXiSMBIOS, we have to do some formating in order to define the string as variable in KS1.CFG in this case:\ndouble backslash inside curly brackets adding backslash before the opening curly bracket and before the ending curly bracket adding single quote at begining and the end 1CUSTOMIZED_SMBIOS=\u0026#39;vsish -e set /hardware/bios/dmiInfo \\{\\\\\u0026#34;MS-7C37\\\\\u0026#34;, \\\\\u0026#34;Micro-Star International Co., Ltd.\\\\\u0026#34;, \\\\\u0026#34;To be filled by O.E.M.\\\\\u0026#34;, [07, 127, 222, 10, 106, 137, 23, 115, 168, 123, 216, 187, 193, 84, 28, 225], \\\\\u0026#34;1.0.0\\\\\u0026#34;, 6, \\\\\u0026#34;SKU To be filled by O.E.M.\\\\\u0026#34;, \\\\\u0026#34;To be filled by O.E.M.\\\\\u0026#34;\\}\u0026#39; 2#CUSTOMIZED_SMBIOS=\u0026#34;\u0026#34; Repeatable vcf9 deployment from scratch Clean Delete previous content of previous VCF deployment in NFS share folder\nClean disks\nFollowing operations done on futur ESXi02: local SSD + both USB Keys plugged. 1diskpart 2list disk 3sel disk #for ssd 4clean 5convert gpt 6sel disk #repeat for the two usb 7clean 8 9#login 1st host 10diskpart 11list disk 12sel disk #for ssd 13clean 14convert gpt Shutdown the 1st Host Make USB bootable with ESXi 9.0 ISO using Rufus utility ESXi 9.0.1 iso\nUncheck label\nStart (45 seconds)\nDrop down to 2nd usb\nStart (45 seconds)\n32GB USB 3.0 Phillips is used for ESXi01 and 64GB USB 3.0 Emtec is used for ESXi02.\nrufus/rufus1.0.png\nrufus/rufus1.0.png\nrufus/rufus1.1.png\nrufus/rufus1.1.png\nrufus/rufus1.2.png\nrufus/rufus1.2.png\nrufus/rufus1.3.png\nrufus/rufus1.3.png\nrufus/rufus2.0.png\nrufus/rufus2.0.png\nrufus/rufus2.1.png\nrufus/rufus2.1.png\nrufus/rufus2.2.png\nrufus/rufus2.2.png\nCopy kickstart script with Explorer and Edit boot config file with Notepad++ Copy KS1.cfg to usb1\nCopy KS2.cfg to usb2\nEdit usb1/efi/boot/boot.cfg\n1kernelopt=ks=usb:/KS1.CFG Edit usb2/efi/boot/boot.cfg\n1kernelopt=ks=usb:/KS2.CFG Note: Double check both boot.cfg file in cases the KS number is wrong or \u0026quot;kerneopt=\u0026quot; is written twice.\nVerify DNS, NTP, NFS share Plug all usb in respective hosts Right-Click on Explorer USB to find Eject\nSwitch KVM to 1st Host\nPowerOn ESXi01 host and quickly hit Del keyboard key repeatitively until light on KVM is green and stop blinking\nHit the display (BenQ 2nd) button to switch to the other HDMI\nBoot menu -\u0026gt; change Order to configure first boot USB part 1\nWait for 3 consecutive boot of esxi hosts\nBIOS UEFI Note: Asrock motherboard BIOS make the 3 boot without intervention, but MSI motherboard BIOS will reboot to Windows. Change to the new OS entry \u0026quot;VMware ESXi\u0026quot;.\nbios/251226130551.jpg\nbios/251226130551.jpg\nbios/251226145059.jpg\nbios/251226145059.jpg\nbios/251226145122.jpg\nbios/251226145122.jpg\nbios/MSI_SnapShot_00.jpg\nbios/MSI_SnapShot_00.jpg\nbios/MSI_SnapShot_01.jpg\nbios/MSI_SnapShot_01.jpg\nbios/MSI_SnapShot_02.jpg\nbios/MSI_SnapShot_02.jpg\nbios/MSI_SnapShot_03.jpg\nbios/MSI_SnapShot_03.jpg\nbios/MSI_SnapShot_04.jpg\nbios/MSI_SnapShot_04.jpg\nbios/MSI_SnapShot_05.jpg\nbios/MSI_SnapShot_05.jpg\nbios/MSI_SnapShot_06.jpg\nbios/MSI_SnapShot_06.jpg\nbios/MSI_SnapShot_07.jpg\nbios/MSI_SnapShot_07.jpg\nbios/MSI_SnapShot_08.jpg\nbios/MSI_SnapShot_08.jpg\nbios/MSI_SnapShot_09.jpg\nbios/MSI_SnapShot_09.jpg\nbios/MSI_SnapShot.jpg\nbios/MSI_SnapShot.jpg\nLogin the ESXi UI to confirm once the IP is up\nDeploy VCF Installer/Sddc Manager using Git-Bash to launch the shell script Right click scripts folder -\u0026gt; Open Git Bash here\n1sh deploy_vcf_installer.sh (1 min) Setup and apply workarounds on VCF Installer using Powershell script Right click scripts folder -\u0026gt; Powershell 7 -\u0026gt; Open here\n1.\\setup_vcf_installer.ps1 (2 min) Start python webserver for Offline depot using Powershell script Right click scripts folder -\u0026gt; Powershell 7 -\u0026gt; Open here\n1python http_server_auth.py --bind USB-Nic{IP} --user vcf --password vcf123! --port 8888 --directory E:\\Offline-Depot-9.0.1.0 Configure VCF 9 Offline Depot and Download all the bits using VCF Installer UI Login VCF Installer FQDN\nConfigure offline depot\nDrop down VCF 9.0.1\nSelect all\nDownload (4min at 2.4Gbps with USB-c Nic realtek adapter + 4min to finish validating vcf-automation bits)\noffline-depot/1.sddcm-login.png\noffline-depot/1.sddcm-login.png\noffline-depot/2.depot-home.png\noffline-depot/2.depot-home.png\noffline-depot/3.configure-offline-depot.png\noffline-depot/3.configure-offline-depot.png\noffline-depot/4.change-product-vcf-version.png\noffline-depot/4.change-product-vcf-version.png\noffline-depot/5.select-all-components-and-hit-download.png\noffline-depot/5.select-all-components-and-hit-download.png\noffline-depot/6.usb-nic-2.5gbps-upload-at-2.4gbps.png\noffline-depot/6.usb-nic-2.5gbps-upload-at-2.4gbps.png\noffline-depot/7.vcf-offline-depot-download-successful.png\noffline-depot/7.vcf-offline-depot-download-successful.png\nStart monitoring SSH to VCF Installer ip using vcf user\nFollow the log of domainmananger\n1tail -f /var/log/vmware/vcf/domainmanager/domainmanager.log Start the validations with VCF 9 deployment json spec Return home\nDeploy using json spec\nChoose file in config folder vcf90-two-node.json\nHit next that will start validations\nFollowing this blog series there is no error but only warning you can, after review, aknowledge warnings to start deploying\nWarning1: NTP Warning2: ESXi02 NFS vmknic binding not enable because: the json spec contains \u0026quot;enableBindToVmknic\u0026quot;: false which avoid NFS Validations Error, although setup_vcf_installer.ps1 contains \u0026quot;fsm.ValidateHostNfsDataStoreAction.skipCheck\u0026quot; = \u0026quot;true\u0026quot; which is also necessary to avoid NFS Validations Error these 2 workarounds allow passing validations From cleaning from scratch to validating ready to deploy in less than an hour!\nIf there are errors,\nFix them,\nHit back delete loaded json file,\nAnd load the json with different settings.\nMore on these 2 warnings in the next post 4.\n1. VCF 9.0 Homelab Physical Setup and almost complete BOM under 1000€\n2. VCF 9.0 Homelab Infrasturcture Services Setup\n3. VCF 9.0 Homelab Repeatable Wipe and Reload from Buildup to Validations\n4. VCF 9.0 Homelab Deploy on NFSv3 with Workarounds\n5. VCF 9.0 Homelab Offline Depot with generated download token for certified VCP-VCF VMUG Advantage members\n","link":"https://strivevirtually.net/post/3.-vcf-9.0-homelab-repeatable-wipe-and-reload-from-buildup-to-validations/","section":"post","tags":["Homelab","Github","VCF 9.0","NFS","Clean","ESXi-Kickstart","VCF-Offline-depot","Deploy-VCF-Installer","Workarounds","Customized SMBIOS","BIOS UEFI","Validations"],"title":"**3. VCF 9.0 Homelab Repeatable Wipe and Reload from Buildup to Validations**"},{"body":"","link":"https://strivevirtually.net/tags/bios-uefi/","section":"tags","tags":null,"title":"BIOS UEFI"},{"body":"","link":"https://strivevirtually.net/tags/clean/","section":"tags","tags":null,"title":"Clean"},{"body":"","link":"https://strivevirtually.net/tags/customized-smbios/","section":"tags","tags":null,"title":"Customized SMBIOS"},{"body":"","link":"https://strivevirtually.net/tags/deploy-vcf-installer/","section":"tags","tags":null,"title":"Deploy-VCF-Installer"},{"body":"","link":"https://strivevirtually.net/tags/esxi-kickstart/","section":"tags","tags":null,"title":"ESXi-Kickstart"},{"body":"","link":"https://strivevirtually.net/tags/github/","section":"tags","tags":null,"title":"Github"},{"body":"","link":"https://strivevirtually.net/tags/validations/","section":"tags","tags":null,"title":"Validations"},{"body":"","link":"https://strivevirtually.net/tags/workarounds/","section":"tags","tags":null,"title":"Workarounds"},{"body":"The IP/Naming scheme are slitghly different from the original github repo.\nFeel free to adapt to your own.\nhttps://github.com/lamw/vcf-9x-in-box/tree/master DNS and NTP services will be setup in a windows server VM running on VMware Workstation using bridged to 2.5G usb-c nic DNS UPDATED 27/1/2026: VM Network to 172.30.0.0/24 because 172.17.x.x is used by docker and KINDnet (Kubernetes IN Docker) in VCF\nPreviously this lab had management VM Network on 172.17.31.0, Local Subnet Clash with Docker and KIND\nCreating a new Reverse Lookup Zone and Deleting and recreating all A records in DNS with the new subnet was pretty quick reIPing.\nDeploying again from scratch is not an issue it's covered in following post 3. VCF 9.0 Homelab Repeatable Wipe and Reload from Buildup to Validations and 4. VCF 9.0 Homelab Deploy on NFSv3 with Workarounds\nBefore adding the A records below, remember to first create the corresponding Reverse Lookup Zone.\nHostname FQDN IP Address Function dc-pc2 dc-pc2.abidi.systems 192.168.1.100 DNS Server vcf9-esx01 vcf9-esx01.abidi.systems 172.30.0.10 Physical ESX-1 Server vcf9-esx02 vcf9-esx02.abidi.systems 172.30.0.11 Physical ESX-2 Server vcf9-sddcm01 vcf9-sddcm01.abidi.systems 172.30.0.12 VCF Installer / SDDC Manager vcf9-vc01 vcf9-vc01.abidi.systems 172.30.0.13 vCenter Server for Management Domain vcf9-vcf01 vcf9-vcf01.abidi.systems 172.30.0.14 VCF Operations vcf9-nsx01 vcf9-nsx01.abidi.systems 172.30.0.15 NSX Manager VIP for Management Domain vcf9-nsx01a vcf9-nsx01a.abidi.systems 172.30.0.16 NSX Manager for Management Domain vcf9-edge01a vcf9-edge01a.abidi.systems 172.30.0.17 NSX Edge 1a for Management Domain vcf9-edge02a vcf9-edge02a.abidi.systems 172.30.0.18 NSX Edge 2a for Management Domain vcf9-opsfm01 vcf9-opsfm01.abidi.systems 172.30.0.19 VCF Operations Fleet Manager vcf9-opsproxy01 vcf9-opsproxy01.abidi.systems 172.30.0.20 VCF Operations Proxy Collector vcf9-auto01 vcf9-auto01.abidi.systems 172.30.0.30 VCF Automation NTP\n1w32tm /config /manualpeerlist:\u0026#34;pool.ntp.org,0x8\u0026#34; /syncfromflags:MANUAL /reliable:YES /update 2w32tm /resync /rediscover NFS will be setup on the windows server Host using 10G sfp nic nfs/add-server-for-nfs-role.png\nnfs/add-server-for-nfs-role.png\nnfs/new-nfs-share-1-general.png\nnfs/new-nfs-share-1-general.png\nnfs/new-nfs-share-2-authentication.png\nnfs/new-nfs-share-2-authentication.png\nnfs/new-nfs-share-3-share-permissions.png\nnfs/new-nfs-share-3-share-permissions.png\nnfs/new-nfs-share-4-ntfs-permissions.png\nnfs/new-nfs-share-4-ntfs-permissions.png\nnfs/new-nfs-share-5-folder in explorer.png\nnfs/new-nfs-share-5-folder in explorer.png\nnfs/nfs-10g-nic-windows-ip.png\nnfs/nfs-10g-nic-windows-ip.png\nnfs/nfs-10g-nic-windows-mtu-1514.png\nnfs/nfs-10g-nic-windows-mtu-1514.png\nnfs/nfs-10g-nic-windows-vlan-3050.png\nnfs/nfs-10g-nic-windows-vlan-3050.png\nNotice the MTU is changed from 9014 to 1514.\nUPDATE 26/1/2026: VCF 9 Offline Depot - Download Token - VCFDT download metadata quickly Since the end of year 2025 with the ability to generate Download Token in Alpine page for VMUG advantage certified VCP-VCF/VCP-VVF members,\nthe workaround i asked after i got certified in the end of June 2025 that was having Offline depot metadata available for download has no more reasons to exist,\nand thus the metadata zip are no longer available in Broadcom Support Portal (BSP) for all version of VCF 9.\nUsing VCF Download Tool with download token we download the metadata in seconds along with building the folder hierarchy.\n5. VCF 9.0 Homelab Offline Depot with generated download token for certified VCP-VCF VMUG Advantage members\nSSH Enable SSH \u0026quot;Monitor Management\u0026quot; pane\nVLAN and Switchport allowed VLAN Due to reIping above, the vlan + switchport allowed vlan + interface vlan have been recreated\nvlan/vlan id.png\nvlan/vlan id.png\nvlan/vlan switchport config.png\nvlan/vlan switchport config.png\nInterface VLAN and MTU configure interface vlan\nNote: i used .253 instead of .1\nconfigure mtu at interface vlan level (notice that in this switch it is limited from 1500-2000 at interface vlan level)\nmtu/1 mtu like windows.png\nmtu/1 mtu like windows.png\nmtu/2 mtu at interface vlan limited from 1500-2000.png\nmtu/2 mtu at interface vlan limited from 1500-2000.png\n1Switch#sh run | begin interface V* 2interface Vlan1 3 ip address 192.168.1.253 255.255.255.0 4! 5interface Vlan300 6 description VCF 9 MANAGEMENT 7 ip address 172.30.0.253 255.255.255.0 8! 9interface Vlan301 10 description VCF 9 TEP 11 mtu 1700 12 ip address 172.30.1.253 255.255.255.0 13! 14interface Vlan303 15 description VCF 9 NSX UPLINK1 16 ip address 172.30.3.253 255.255.255.0 17! 18interface Vlan304 19 description VCF 9 NSX UPLINK2 20 ip address 172.30.4.253 255.255.255.0 21! 22interface Vlan305 23 ip address 172.30.5.253 255.255.255.0 24! 25interface Vlan3040 26 description VCF 9 VMOTION 27 mtu 1700 28 ip address 172.30.40.253 255.255.255.0 29! 30interface Vlan3050 31 description VCF 9 NFS 32 ip address 172.30.50.253 255.255.255.0 33! Default route in \u0026quot;Route Config\u0026quot; pane\nStatic route -\u0026gt; configure a default to your Home gateway for internet access 1. VCF 9.0 Homelab Physical Setup and almost complete BOM under 1000€\n2. VCF 9.0 Homelab Infrasturcture Services Setup\n3. VCF 9.0 Homelab Repeatable Wipe and Reload from Buildup to Validations\n4. VCF 9.0 Homelab Deploy on NFSv3 with Workarounds\n5. VCF 9.0 Homelab Offline Depot with generated download token for certified VCP-VCF VMUG Advantage members\n","link":"https://strivevirtually.net/post/2.-vcf-9.0-homelab-infrasturcture-services-setup/","section":"post","tags":["Homelab","VCF 9.0","DNS","NTP","NFS"],"title":"**2. VCF 9.0 Homelab Infrasturcture Services Setup**"},{"body":"Diagram Office Desk 2 wooden trestles (given) microfiber cloth (in between) tick black glass table (5€ at \u0026quot;leboncoin\u0026quot; - Neighborhood Marketplaces eBay like) Posture An old picture that i made following along since 1998 that someone uploaded on wikipedia as it is long standing informations.\nI find the most helpful variable is, the 90° at the elbow with keyboard/desk angle, to have wrists straight.\nBill Of Materials recommandations The goals of this BOM is achieve at minimal cost:\nMaximum Features: this X570 chipset is ranged in top tier has all lower PCIe slot enabled and this non-M version from Asrock has all lower PCIe slot opened to maximize usability\n104,39€ ASRock X570 PRO4 Motherboard Supports 3600X 5600G 5700X 5700x3D 5800X3D CPU 4xDDR4 4066 MHz M.2 HDMI PCIe 4.0 ATX AM4 Mainboard\nMaximum Computability: 84Ghz with lite overclock from 3.1Ghz to 3.5Ghz per CPU threads\n144,39€ Ryzen 7 R7 3800X Ryzen 9 R9 3900 R9 3900X R9 3900XT R9 3950X for AM4\nI choose R9 3900.\nMaximum Cooling and Minimum Fan Noise: to allow lite overclocking above with this 65W OEM used CPU\n25,99€ 6 Heat Pipe CPU Cooler 4Pin PWM PC Quiet Air Cooler Fan for Intel LGA 1366 1700 1200 1150 1151 1155 2011 X79 X99 AM3 AM4 AM5\nI choose\nColor: Lightless-3fan\nBlade Color: 1700-115X-1200-AMD\nMaximum Network bandwidth with Desktop motherboard: 2x 10Gbit running at full speed at 4x each\nThis card links keeps going 404 so you may have to search \u0026quot;Network Adapter 1xSFP+ Port PCIe 4x\u0026quot; to find a new ones.\nI've already had 3 links, i'll try to keep it updated, here the newest\n24,39€ + shipping 4,76€ Adaptateur réseau Ethernet 10 go Intel 82599EN X520-DA1 1xSFP + Port PCI-E X1,X4,x8,x16, carte NIC M.2 Windows Linux serveurs VMware**\nChoose color: X520-DA1 X4 28,19€ Hot sale M.2 10G Server Network Card M.2 M X520-DA1 10G SFP+ Fiber Optic Industrial Computer Server Network Card JL82599EN Chip\nMaximum PCIe Lanes availability: PCIe 1x slot used for GPU still able to display 1080p freeing the PCIe 4.0 x16 for other usecases: AI GPU or Storage with the following bifurcation card for 4x NVMe M.2\n22,19€ N165R Super ST425 PCIe X1 AST2400 2K VGA Graphics Card 1920 X1200 32bpp@60Hz for Win10/Win 11 32/64 PCIE Expansion Card Adapter\nMaximum Storage: bifurcation card splitting PCIe 4.0 16x slot into 4 SSD NVMe M.2 running at full speed 4x each\n13,49€ + shipping 6,40€ PCIEX16 NVME M2 MKEY SSD RAID Array Expansion Adapter Card Motherboard PCIE Split Card With Cooling Fan Easy To Use\nMaximum Efficiency Power Supply Unit: 2 links depending on country voltage\n220V for EMEA\n€66.50 Tacens Radix VII AG 800S, PC Power Supply ATX 800W, 10 Year Warranty, 80Plus Silver, 87% Efficiency, SMD and DC-DC Technologies, AI-RPM 140mm FDB Fan, Japanese TK 105º Capacitors, Black\n115V for US\n$66.99 Apevia ATX-PR800W Prestige 800W 80+ Gold Certified, RoHS Compliance, Active PFC ATX Gaming Power Supply\nSubtotal for a single ESXi Host and we need 2 Hosts for VCF 9.0 on NFS:\n433€\nAdding Networking Switch and cables between the 2 Hosts:\n92.39€ ONTi Full 10-Gb SFP+ Ports L3 Managed Network Switch Support DHCP and Dynamic Routing Support VLAN Division and Port Aggregation\nI choose Color: ONT-S508CL-8S\n40€ ONTi 10G SFP+ Twinax Cable, Direct Attach Copper(DAC) Passive Cable, 0.5-7M,Compatible with Cisco,MikroTik,HP,Intel...Etc Switch\nI choose Color: 1m AWG30\nQuantity 4\nFor NFS with single 10G nic, i choose Color: 2m AWG30 for 12,29€ not counted in this BOM see what's missing section below.\n133€\nTotal\n999€\nWhat's missing in this BOM DDR4 RAM due to prices volatility until production resume forecasted for after 2nd quarter next year in 2026 (or around July), so looking forward to seeing 32GB DDR4 at its lowest 40€ and not its highest 400€ like now in December 2025.\nM.2 SSD NVMe any decent PCIe 4.0 SSD for NVMe Memory Tiering, (note if you plan to use Chinese SSD brands then choose Fanxiang because it is the only Chinese SSD brand recognized by ESXi 9.0 installer from my experience)\nComputer Case: i reccommend without the lateral glass instead with holes to help vent fresh/hot air, likewise i recommend 140mm fans as they have low RPM and thus quieter, 120mm fans are ok, but definitely avoid old case with 80mm Fan.\nNFS Host/NAS Appliance:\n4TB NVMe or more is better especially if you intent to add more component like VRLI or VRNI (note: a bifurcation card like above with 4 SSD in RAID would be ideal, and choose a motherboard that support bifurcation)\n10G nic at full speed preferably\n2.5G usb-c nic rj45 to upload VCF 9.0 offline depot, reasoning the \u0026quot;why?\u0026quot;, because it takes less than 10min at full speed (4min upload and 4min finishing bits validation)\n2.5G SFP+ module to copper rj45\n2 USB 3.0 key for ESXi install and boot Bonus Point VCF 9.0 on NFS: 1 SSD per ESXi host + Bifurcation by splitting PCIe 4.0 16x in 4 disks running each at full speed 4x4x4x4x = 4 differents labs of VCF 9.0 on NFS with 2 host and just a bunch of SSDs.\nOr 1 lab VCF on NFS + 1 lab VCF on VSAN.\nWhy would ESXi host would need only 1 SSD? Because NVMe Tiering + OSDATA + VMFS local datastore are already done via the kickstart unattended install.\nThus having a set USB keys for each of the 4 differents VCF labs and simply changing the BIOS boot order would make it a perfect Lab station!\nReuse existing hardware Dual 10G SFP+ nic PCIe 2.0 8x: note to be aware that plugging in the second 16x slot, that is wired at 4x, make the speed much slower Modding GPU bracket + Riser 1x to 16x\nUseful if you already have a passive GPU and already have the motherboard but the 1x slot isn't opened.\nNot perfect because VGA could not be used.\nModding/Jeyi plastic bracket m.2 to pcie adapter.jpg\nModding/Jeyi plastic bracket m.2 to pcie adapter.jpg\nModding/Jeyi plastic bracket modded face a.jpg\nModding/Jeyi plastic bracket modded face a.jpg\nModding/Jeyi plastic bracket modded face b.jpg\nModding/Jeyi plastic bracket modded face b.jpg\nModding/Jeyi plastic bracket modded nvidia gt710 riser 1x to 16x.jpg\nModding/Jeyi plastic bracket modded nvidia gt710 riser 1x to 16x.jpg\nModding/MSI_SnapShot_09.jpg\nModding/MSI_SnapShot_09.jpg\n2 Host with different motherboad Manufacturer and Model\nCustomize SMBIOS with generated string based on Manufacturer and Model of one the 2 Hosts (already done via the kickstart unattended install)\nKVM usb 2.0 and VGA, only keyboard and mouse used for entering UEFI BIOS to change boot order between local windows disk (for cleaning steps)\nUSB ESXi Part 1 (for starting the lab from scratch)\nDisplay 2 BenQ 23\u0026quot; enough for 1080p, the second screen has 2 hdmi plugged one for the NFS box and one for the first host 2 Sets of keyboard mouse, one set plugged on the kvm for the hosts, one set the NFS box Update 3/1/2026: Installing singles 10G SFP nic 4x to replace dual 10G SFP 8x Note: An extra SATA power is needed for the M.2 cards. 10G-sfp-nic-4x/IMG_20260103_131701.jpg\n10G-sfp-nic-4x/IMG_20260103_131701.jpg\n10G-sfp-nic-4x/IMG_20260103_132111.jpg\n10G-sfp-nic-4x/IMG_20260103_132111.jpg\n10G-sfp-nic-4x/IMG_20260103_132546.jpg\n10G-sfp-nic-4x/IMG_20260103_132546.jpg\n10G-sfp-nic-4x/IMG_20260103_133320.jpg\n10G-sfp-nic-4x/IMG_20260103_133320.jpg\n10G-sfp-nic-4x/IMG_20260103_134121.jpg\n10G-sfp-nic-4x/IMG_20260103_134121.jpg\n10G-sfp-nic-4x/IMG_20260103_135152.jpg\n10G-sfp-nic-4x/IMG_20260103_135152.jpg\n10G-sfp-nic-4x/IMG_20260103_141256.jpg\n10G-sfp-nic-4x/IMG_20260103_141256.jpg\n10G-sfp-nic-4x/IMG_20260103_145059.jpg\n10G-sfp-nic-4x/IMG_20260103_145059.jpg\n1. VCF 9.0 Homelab Physical Setup and almost complete BOM under 1000€\n2. VCF 9.0 Homelab Infrasturcture Services Setup\n3. VCF 9.0 Homelab Repeatable Wipe and Reload from Buildup to Validations\n4. VCF 9.0 Homelab Deploy on NFSv3 with Workarounds\n5. VCF 9.0 Homelab Offline Depot with generated download token for certified VCP-VCF VMUG Advantage members\n","link":"https://strivevirtually.net/post/1.-vcf-9.0-homelab-physical-setup-and-bom/","section":"post","tags":["Homelab","VCF 9.0","BOM","NFS"],"title":"**1. VCF 9.0 Homelab Physical Setup and almost complete BOM under 1000€**"},{"body":"","link":"https://strivevirtually.net/tags/bom/","section":"tags","tags":null,"title":"BOM"},{"body":"Blueprint Exam Objectives https://docs.broadcom.com/docs/vcp-vvf-arch-3\nBroadcom Techdocs Documentation https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-5-2-and-earlier/5-2/vmware-cloud-foundation-operations-5-2.html\nJoin the VCP-VCF Administrator Exam Study Groups Discord Channel - https://discord.gg/cAgPKfAPnd\nCommunity Exam Guide - https://docs.google.com/document/d/1k5bo1HuDXVVYckb_lv1irkdPzR2xhL1O-iRxE5HIRxA/edit?usp=sharing\nBlog covering the recordings - https://blogs.vmware.com/code/2025/02/13/join-the-vmware-code-vcp-vcf-study-group/\nThis Serie of posts that cover Section 4 - Install, Configure, Administrate the VMware by Broadcom Solution https://strivevirtually.net/categories/serie/\nHands-On Labs VCF 5.2 with VCP-VCF in mind with a focus on Aria Suite\nPrice $250 exam + $50 tax\nVMUG Advantage 50% off 300/2 = $150\nonce you get your VMUG Advantage Membership, go to order to get 50% off coupon code, it will take 1 day to arrive in your email inbox. the coupon is valid for 30 days, so take your time to feel ready for the exam before doing the coupon order above. during this 30 days, you have a ticking clock to go on pearsonvue via certmetrics to schedule for exam within these same 30 days ! Scheduled Exam in advance in PearsonVUE go to certmetrics, it will ask for boardcom support credential to SSO\nhttps://cp.certmetrics.com/vmware/en/home/dashboard\non the left expand \u0026quot;SCHEDULE\u0026quot; chevron\nclick on \u0026quot;Vue SSO\u0026quot;\nclick on \u0026quot;SSO TO VUE\u0026quot; button\non Pearson VUE Home, under Schedule an exam, Exam catalog, click \u0026quot;View Exams\u0026quot;, expand \u0026quot;VMware Professional Level Exams\u0026quot;\nselect the exams you wish to pass !\nthere is 2024 and 2025, and a 2024 version for Japanese speaker\nI choose \u0026quot;2V0-11.25 VMware Cloud Foundation 5.2 Administrator\u0026quot;\nin nearby Test Center if any This is a choice that should be made in advance because you will not find any place at the last minute !\nOR\nonline at home with OnVUE Again schedule to pass your exam way before 30 days VMUG coupon order end.\nAdvantage of online is the time of the day to schedule is from 5:00AM to late at night I had mine sheduled for 9:45PM in the begining of summer season, when temperature was cooler, i had a tiny fan and window 1cm open, and also bottle of fresh water.\nnote on taking the exam this late, be sure to drink some coffee to stay awake especially in these long days of summer.\nbefore paying don't forget to enter your VMUG Advantage Coupon code !\nThe whole process is documented here https://docs.broadcom.com/doc/broadcom-software-exam-registration-process\nTips Before the exam online:\nif you have a freshly install of windows, this is best (even installed on a VHD) if you have many network card adapter, disable them all except one if you have multiple dns configured one private and one public, be sure to make the public one first if you have VMware Worksation installed, disable DHCP service always download the latest app before doing system Test Why? Because my experience was that:\nI had in my first attempt an issue when the protor release the exam and it was blank, the next step is to reload the OnVUE app,\nthus having a new protor and doing again environment check,\ni had this 4 time so with 4 proctor,\nthe last proctor proposed if i have a an another computer, i said yes and then she closed my exam, but after booting my other computer i was without new code.\nI've written an email to the customer service https://www.pearsonvue.com/us/en/test-takers/customer-service/email.html\nAnd PearsonVUE Program Coordinator apologized and rescheduled the exam for me.\nHave to mention that people on discord chat are supportive as well.\nDuring the exam:\nbegin with the end in mind of passing score watch the time after spending much time on a question (no rush i had 30 min to review around 10 questions which i skimmed through fast because it was almost midnight!) if uncertain, check the mark box for review at the end if you don't know, use elimination of distractor responses be sure to show head to shoulder at all time (I've leaned towards the screen at the end, to read closely the marked questions, and the proctor reminded me on chat to stay on screen from head to shoulder) Result You get your score right after clicking the finish button!\n300 or more and you pass !\nExplaining VMware Scaled score VMware Certification Insights: How Scaled Scoring Works\n...passing score is 60% (or six out of 10 raw) for this sample exam.\nNow in the context of VCP-VCF Administrator, there is 60 item questions, so let's try some math.\n60x60/100 = 36 correctly responded questions to pass !\nQuickly create a Credly account before taking the Exam then you'll receive the good news by email - after 1 day (12hour in my case) Credly VMware by Broadcom CERTIFIED PROFESSIONAL VMware Cloud Foundation Administrator\nVCP Certifications Licenses ready - few hour later https://support.broadcom.com/group/ecx/alpine-certificate\nGood News now 1 exam = 3 licenses\nVCP VCF = VCF + vDefend with ATP + ALB\ncorresponding exams:\n","link":"https://strivevirtually.net/post/how-i-pass-vcp-vcf-administrator-2025-version-exam-online-from-home/","section":"post","tags":["vEXPERT","VMUG Advantage","VCP-VCF","Certification"],"title":"**How i pass VCP-VCF Administrator 2025 version exam online from home!**"},{"body":"","link":"https://strivevirtually.net/tags/certification/","section":"tags","tags":null,"title":"Certification"},{"body":"","link":"https://strivevirtually.net/categories/news/","section":"categories","tags":null,"title":"News"},{"body":"","link":"https://strivevirtually.net/tags/vexpert/","section":"tags","tags":null,"title":"VEXPERT"},{"body":"Let's begin by the full catalog So you can make your own selection.\nhttps://labs.hol.vmware.com/HOL/catalog\nVCF 5.2 with VCP-VCF in mind with a focus on Aria Suite I've spelled the lab page number to better identify them, this is especially useful if you're talking to someone else to be on the same page.\nlab 14177 - Getting Started with VMware Cloud Foundation [HOL-2532-01-VCF-L]\nlab 14141 - VCF Operations - Getting Started - [HOL-2501-01-VCF-L]\nlab 14143 - VCF Operations - Becoming a Power User - [HOL-2501-03-VCF-L]\nlab 26242 - VCF Operations - Management Pack Builder [HOL-2501-12-VCF-L]\nlab 14142 - VCF Operations - Getting More Out of It! - [HOL-2501-02-VCF-L]\nlab 15735 - VCF Operations for Logs - Getting Started - [HOL-2501-04-VCF-L]\nlab 15736 - VCF Operations for Logs - Getting More Out of It! [HOL-2501-05-VCF-L]\nlab 15742 - VCF Operations for Networks - Getting More Out of It! - [HOL-2502-01-VCF-S]\nlab 14319 - VCF Automation Orchestrator - Getting More Out of It! - [HOL-2501-11-VCF-L]\nlab 14146 - VCF Automation - Becoming a Power User - [HOL-2501-09-VCF-L]\nlab 13929 - VMware Data Services Manager [HOL-2549-01-VCF-L]\nlab 14255 - VMware HCX - Getting Started with Cross-Cloud Mobility [HOL-2540-03-VCF-L]\nlab 13955 - VMware NSX - Networking Fundamentals [HOL-2540-01-VCF-L]\nlab 13956 - VMware NSX - Advanced Networking [HOL-2540-02-VCF-L]\nlab 14050 - VMware vSphere - Advanced Topics [HOL-2530-02-VCF-L]\nlab 14156 - VMware vSAN - Getting Started and Advanced Topics [HOL-2534-01-VCF-L]\nlab 14171 - VMware vSphere 8 - What is New [HOL-2530-01-VCF-L]\nVCF 9.0 lab 26715 - What’s New in VMware Cloud Foundation 9.0 - Platform [HOL-2610-01-VCF-L]\nlab 26716 - What’s New in VMware Cloud Foundation 9.0 - Automation [HOL-2610-02-VCF-L]\nlab 26717 - What’s New in VMware Cloud Foundation 9.0 - Operations [HOL-2610-03-VCF-L]\nlab 26718 - What's New with vSphere in VMware Cloud Foundation 9.0 [HOL-2630-01-VCF-L]\nlab 26719 - Unifying VM and Kubernetes Management with vSphere Supervisor in VMware Cloud Foundation 9.0 [HOL-2633-01-VCF-L]\nlab 14142 - VCF Operations - Getting More Out of It! - [HOL-2501-02-VCF-L]\nlab 14144 - VCF Automation - Getting Started - [HOL-2501-07-VCF-L]\nlab 14145 - VCF Automation - Getting More Out of It! - [HOL-2501-08-VCF-L]\nlab 26724 - VCF 9 Single Sign-On Configuration [HOL-2610-50-VCF-S]\n","link":"https://strivevirtually.net/post/my-selection-of-hands-on-lab-for-vcp-vcf-5.2-and-vcf-9.0/","section":"post","tags":["Certification","VCP-VCF","VCF 5.2","VCF 9.0","HOL"],"title":"**My selection of Hands-On Lab for VCP-VCF 5.2 and VCF 9.0**"},{"body":"","link":"https://strivevirtually.net/tags/hol/","section":"tags","tags":null,"title":"HOL"},{"body":"","link":"https://strivevirtually.net/tags/vcf-5.2/","section":"tags","tags":null,"title":"VCF 5.2"},{"body":"VCF 9.0 Release Generally Available as of Today 17/06/2025 Broadcom Official News Release\nRelease Notes\nWhats New Whats-New/VMware-Cloud-Foundation-01-Installer-console.png\nWhats-New/VMware-Cloud-Foundation-01-Installer-console.png\nWhats-New/VMware-Cloud-Foundation-02-Operations-console.png\nWhats-New/VMware-Cloud-Foundation-02-Operations-console.png\nWhats-New/VMware-Cloud-Foundation-03-Automation-console.png\nWhats-New/VMware-Cloud-Foundation-03-Automation-console.png\nHands-On Lab VCF 9.0 VCF 5.2 with VCP-VCF in mind with a focus on Aria Suite\nVCF Installer Walkthrough convert existing vCenter to a new VCF Instance Deployment GREENFIELD BROWNFIELD VCF 5.2 CloudBuilder+Workbook VCF import tools CLI VCF 9.0 VCF-installer UI VCF-installer UI VCF Operations Note: although the presentation from 2024 show the capabilities as planned, as of Today VCF 9.0 General availability, these features are all released. VCF-Operations/VCF-Operations-1-Strategic-Priorities.jpg\nVCF-Operations/VCF-Operations-1-Strategic-Priorities.jpg\nVCF-Operations/VCF-Operations-2-Fleet-Management.jpg\nVCF-Operations/VCF-Operations-2-Fleet-Management.jpg\nVCF-Operations/VCF-Operations-3-Identity-Management.jpg\nVCF-Operations/VCF-Operations-3-Identity-Management.jpg\nVCF-Operations/VCF-Operations-4-Certificate-Management.jpg\nVCF-Operations/VCF-Operations-4-Certificate-Management.jpg\nVCF-Operations/VCF-Operations-5-Password-Management.jpg\nVCF-Operations/VCF-Operations-5-Password-Management.jpg\nVCF-Operations/VCF-Operations-6-Configuration-Management.jpg\nVCF-Operations/VCF-Operations-6-Configuration-Management.jpg\nVCF-Operations/VCF-Operations-7-Tag-Management.jpg\nVCF-Operations/VCF-Operations-7-Tag-Management.jpg\nOperate/Operate-01.jpg\nOperate/Operate-01.jpg\nOperate/Operate-02-Operations.jpg\nOperate/Operate-02-Operations.jpg\nOperate/Operate-03-Diagnostic-Findings-by-Skyline.jpg\nOperate/Operate-03-Diagnostic-Findings-by-Skyline.jpg\nOperate/Operate-04-VCF-Health.jpg\nOperate/Operate-04-VCF-Health.jpg\nOperate/Operate-05-Integraterd-Logs-Operations.jpg\nOperate/Operate-05-Integraterd-Logs-Operations.jpg\nOperate/Operate-06-Integrated-Networks-Operations.jpg\nOperate/Operate-06-Integrated-Networks-Operations.jpg\nOperate/Operate-07-Storage-Operations.jpg\nOperate/Operate-07-Storage-Operations.jpg\nOperate/Operate-08-Security-Operations.jpg\nOperate/Operate-08-Security-Operations.jpg\nOperate/Operate-09-Workload-Mobility.jpg\nOperate/Operate-09-Workload-Mobility.jpg\nOperate/Operate-10-Audit-Events.jpg\nOperate/Operate-10-Audit-Events.jpg\nVCF-Automation VCF-Automation/VCF-Automation-01-Catalog-of-Applications-blueprint-deployment.png\nVCF-Automation/VCF-Automation-01-Catalog-of-Applications-blueprint-deployment.png\nVCF-Automation/VCF-Automation-02-Catalog-selfservice-cost-estimate-that-can-be-hidden-to-customers.png\nVCF-Automation/VCF-Automation-02-Catalog-selfservice-cost-estimate-that-can-be-hidden-to-customers.png\nVCF-Automation/VCF-Automation-03-Catalog-selfservice-cost-estimate-that-can-be-hidden-to-customers.png\nVCF-Automation/VCF-Automation-03-Catalog-selfservice-cost-estimate-that-can-be-hidden-to-customers.png\nVCF-Automation/VCF-Automation-04-Catalog-selfservice-Kubernetes-access-to-the-app-via-cloud-consumption-interface-cci.png\nVCF-Automation/VCF-Automation-04-Catalog-selfservice-Kubernetes-access-to-the-app-via-cloud-consumption-interface-cci.png\nSecurity, Compliance, Troubleshooting Security Operations Dashboard Configuration Compliance Monitoring Application Insights and Troubleshooting\nUsing all assets puts toghether namely Aria Operations, Aria Network Insight, Aria Logs, Skyline, they are all brought under VCF Operations umbrella, their capabilites are integrated here is the correlation of metrics, events, net flows, logs. VCF-Security-Troubleshooting/VCF-Security-03-Application-Insights-and-Troubleshooting.png\nVCF-Security-Troubleshooting/VCF-Security-03-Application-Insights-and-Troubleshooting.png\nVCF-Security-Troubleshooting/VCF-Security-04-Troubleshooting-Latency-drop.png\nVCF-Security-Troubleshooting/VCF-Security-04-Troubleshooting-Latency-drop.png\nVCF-Security-Troubleshooting/VCF-Security-05-Troubleshooting-Show-Network.png\nVCF-Security-Troubleshooting/VCF-Security-05-Troubleshooting-Show-Network.png\nVCF-Security-Troubleshooting/VCF-Security-06-Troubleshooting-Time-Range-First-occurences.png\nVCF-Security-Troubleshooting/VCF-Security-06-Troubleshooting-Time-Range-First-occurences.png\nVCF-Security-Troubleshooting/VCF-Security-07-Troubleshooting-NSX-Edge-Hosting-Loadbalancer-Utilized-at-94-percent-and-20k-packet-drops.png\nVCF-Security-Troubleshooting/VCF-Security-07-Troubleshooting-NSX-Edge-Hosting-Loadbalancer-Utilized-at-94-percent-and-20k-packet-drops.png\nRecap Personas:\nVCF Operations: Provider Admin VCF Automation: Tenant Admin, End User VCF Goals:\nCore Infrastructure Innovations\n- Memory Tiering\n- vSAN Global Dedup\n- Enhanced Data Path 3x\nAdministration efficiency like public provider with integrated VCF Operations\n- Fleet management capabilities\nPublic cloud experience through VCF Automation\n\u0026quot;In order to get that fleet management capabilities to manage your fleet of vCenters, NSX managers, ... All you need to do is to upgrade VCF Aria Operations to VCF Operations Then start going to additional steps, So you can get to these fleet management capabilities, So you can fleet lifecycle manage these components. That's our goal\u0026quot;\n","link":"https://strivevirtually.net/post/vmware-cloud-foundation-9.0-ga/","section":"post","tags":["VCF","VMware Explore","Private Cloud Platform"],"title":"**VMware Cloud Foundation 9.0 GA**"},{"body":"","link":"https://strivevirtually.net/tags/private-cloud-platform/","section":"tags","tags":null,"title":"Private Cloud Platform"},{"body":"","link":"https://strivevirtually.net/tags/vcf/","section":"tags","tags":null,"title":"VCF"},{"body":"","link":"https://strivevirtually.net/tags/vmware-explore/","section":"tags","tags":null,"title":"VMware Explore"},{"body":"Laying Plan with tools at hand, namely VMware Cloud Foundation 5.2 Planning and Preparation Workbook, VMware NSX Reference Design Guide 4.2, Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan and Vyos At a starting point we'll use this logical design from VMware NSX Reference Design Guide 4.2 (download it) and we'll look at Virtual Distributed Switch profile 3,\nthen finally we'll map every information from Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan (download it) and Vyos,\nto fill VMware Cloud Foundation 5.2 Planning and Preparation Workbook again (download it).\nThis step might help getting an understanding but not require to deploy the lab.\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 2 VCF Management Domain Logical Design p466 and Profile 3 p470 mgmt VDS01.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 2 VCF Management Domain Logical Design p466 and Profile 3 p470 mgmt VDS01.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 3 VCF Management Domain Logical Design p466 and Profile 3 p470 mgmt VDS01 and VDS02.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 3 VCF Management Domain Logical Design p466 and Profile 3 p470 mgmt VDS01 and VDS02.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 4 VDS Profile.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 4 VDS Profile.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 5 VDS Profile 3.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 5 VDS Profile 3.png\nHere i give a step by step example how to fill the workbook based on the value vcf-automated-lab-deployment vlan version and Vyos router workbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 1 - deployment options.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 1 - deployment options.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 2 - management domain sizing inputs.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 2 - management domain sizing inputs.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 3.1 - network inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 3.1 - network inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 3.2 - network inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 3.2 - network inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 4.1 - name and ip addresses inputs - vm.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 4.1 - name and ip addresses inputs - vm.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 4.2 - name and ip addresses inputs - vm.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 4.2 - name and ip addresses inputs - vm.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 5.1 - name and ip addresses inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 5.1 - name and ip addresses inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 5.2 - name and ip addresses inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 5.2 - name and ip addresses inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.1 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.1 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.2 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.2 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.3 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.3 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.4 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.4 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.5 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.5 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.6 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.6 - sddc inputs - common.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 7.1 - sddc inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 7.1 - sddc inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 7.2 - sddc inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 7.2 - sddc inputs - rack.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 8 - management domain sizing.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 8 - management domain sizing.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 9 - vi workload domain rack config.png\nworkbook-wld/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 9 - vi workload domain rack config.png\nLatest News: VCF 5.2.1.2 is GA as of 30th April , 2025. This release is a SDDC Manager express patch and fixes critical security vulnerabilities. Release notes link: https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-5-2-and-earlier/5-2/vcf-release-notes/vmware-cloud-foundation-521-release-notes.html#GUID-bea9c4f4-f376-4a63-9787-114a8b767ed2-en_id-bbdf8909-3085-4c41-b287-0461e71b2e07\nWe are looking at deploying VCF with absolute minimal resources to give a chance to more people a way of VCF hands-on practice in addition to VMware Hands-On Lab to learn and prepare for attending VCP-VCF Administrator On that note Franky Barragan and team have holded multiple Sessions of VCP-VCF Administrator Exam Study Groups. He is now in the Job market (like me) and he deserve Credits for all the community dynamics he tractioned.\nDiscord Channel - https://discord.gg/cAgPKfAPnd Community Exam Guide - https://docs.google.com/document/d/1k5bo1HuDXVVYckb_lv1irkdPzR2xhL1O-iRxE5HIRxA Blog covering the recordings - https://blogs.vmware.com/code/2025/02/13/join-the-vmware-code-vcp-vcf-study-group/\nPrepare physical ESXi Host/Cluster VCF Lab Bill of Material: 40€ MGMT SWITCH 2x10G sfp+ + 4x2.5G RJ45 L2 web Managed\n80€ TRUNK SWITCH 8x10G L3 fully featured web + console Port IOS-like contextual based command completion\n10€ 1G copper Module SFP+ RJ45\n50€ 5x10G passive DAC - 3 cables is enough for 1 Host\n10€ 2.5G USB 3.1 GEN1 5G to RJ45 adaptor\n10-40€\t10G SFP+ dual port pcie 8x plugged in 4x slot Motherboard\n110€ Asrock B550 PRO4 - refurbished like new - require BIOS update - probably require Ryzen 3000 series - to fix black screen with red light motherboard\n160€ RZX 128GB RAM 4x40€ 4x32GB DDR4 - Chinese New Year deal - Nowaday the price is around 50€ so more like 200€ - 3200Mhz but had to lower speed at 2666Mhz\n160€ Ryzen 3700X base clock 3600Mhz x 16threads TDP 65W - used without heatsink - there is room for overclock although not needed\n25€ Heatsink 3fans TDP 95W\n125€ Hiksemi Future 2048GB\n25€\tPhillips USB 3.2 Key\n25€ Nvidia GT710 in bottom pcie 1x opened by Asrock\nVCF Lab Logical Design: vCenter / Physical ESXi Settings DRS must be enabled on the Cluster to run Automated VMware Cloud Foundation Lab Deployment because it is required to create a vApp that contain the lab VMs.\nvSwitch0 has all security to \u0026quot;refused\u0026quot; and MTU 1500\nvSwitch1 has all security to \u0026quot;accept\u0026quot; and MTU 9000\nvcf-dc1 a windows 2019 act as DNS server with single vNIC\nVyos-a act has - TOR (Top Of Rack) L3Switch/Router - and serve NTP on VCF VM VLAN 1010 and MGMT WLD ESXi VLAN 1011 and VI WLD ESXi VLAN 1311 Networks with reverse DNS\nassuming\nvswitch0 or VDS already created with uplink, i used the usb adapter vusb0\nwith portgroup 'VM Network' with access to internet\nthe following is using Standard vSwitch because the goal was to allow VCF to run on Mgmt Wld 1 Nested ESXi with 96GB and Vi Wld 2 Nested ESXi with 32GB each on a single 128GB of RAM physical ESXi host with NVMe Memory Tiering although the whole Lab fit in 120GB of RAM.\nCreate new vSwitch1\nMTU 9000\nAdd uplinks vmnic0,vmnic1\nPortgroup 'VMTRUNK'\nVLAN 4095\nAdd networking\nCreate a second portgroup '101010-Network'\nVLAN 1010\nEdit vSwitch1 Enable promiscuous mode\nssh to the Physical ESXi and prevent Duplicate packets with this command:\nesxcli system settings advanced set -o /Net/ReversePathFwdCheckPromisc -i 1\nDeploy and Configure Vyos router download Vyos 1.3 iso\ncreate a vm Debian 11 64bit 1cpu 1gb ram 2vNIC\nPhysical ESXi host VM Network on both vNIC\nboot\nlogin\nvyos\nvyos\nsudo loadkeys fr #your country code keymap if different that us\ninstall image\n[Enter] everytime\nor Yes to confirm if needed\nVyos new password twice\nshutdown\ndisconnect CDROM from Vyos VM and from the ESXi Host if any\nconnect Vyos vm 1st vNIC to portgroup 'VM Network' #access to internet\nconnect Vyos vm 2nd vNIC to portgroup 'VMTRUNK'\n1config 2set interface ethernet eth0 address 192.168.1.253/24 3set protocols static routing 0.0.0.0/0 next-hop #your default gateway to internet 4set service ssh 5commit 6save Configure Vyos Vlan Interfaces for VCF Management Workload Domain ssh Vyos 1config 2set interfaces ethernet eth0 ipv6 address no-default-link-local 3set interfaces ethernet eth0 offload gro 4set interfaces ethernet eth0 offload gso 5set interfaces ethernet eth0 offload lro 6set interfaces ethernet eth0 offload rps 7set interfaces ethernet eth0 offload sg 8set interfaces ethernet eth0 offload tso 9set interfaces ethernet eth1 ipv6 address no-default-link-local 10set interfaces ethernet eth1 mtu \u0026#39;9000\u0026#39; 11set interfaces ethernet eth1 offload gro 12set interfaces ethernet eth1 offload gso 13set interfaces ethernet eth1 offload lro 14set interfaces ethernet eth1 offload rps 15set interfaces ethernet eth1 offload sg 16set interfaces ethernet eth1 offload tso 17set interfaces ethernet eth1 vif 1010 address \u0026#39;10.10.10.1/24\u0026#39; 18set interfaces ethernet eth1 vif 1010 description \u0026#39;VLAN 1010 for VM MGMT on Mgmt Domain\u0026#39; 19set interfaces ethernet eth1 vif 1010 ipv6 address no-default-link-local 20set interfaces ethernet eth1 vif 1010 mtu \u0026#39;1500\u0026#39; 21set interfaces ethernet eth1 vif 1011 address \u0026#39;10.10.11.1/24\u0026#39; 22set interfaces ethernet eth1 vif 1011 description \u0026#39;VLAN 1011 for ESXi MGMT on Mgmt Domain\u0026#39; 23set interfaces ethernet eth1 vif 1011 ipv6 address no-default-link-local 24set interfaces ethernet eth1 vif 1011 mtu \u0026#39;1500\u0026#39; 25set interfaces ethernet eth1 vif 1012 address \u0026#39;10.10.12.1/24\u0026#39; 26set interfaces ethernet eth1 vif 1012 description \u0026#39;VLAN 1012 for VMOTION on Mgmt Domain\u0026#39; 27set interfaces ethernet eth1 vif 1012 ipv6 address no-default-link-local 28set interfaces ethernet eth1 vif 1012 mtu \u0026#39;9000\u0026#39; 29set interfaces ethernet eth1 vif 1013 address \u0026#39;10.10.13.1/24\u0026#39; 30set interfaces ethernet eth1 vif 1013 description \u0026#39;VLAN 1013 for VSAN on Mgmt Domain\u0026#39; 31set interfaces ethernet eth1 vif 1013 ipv6 address no-default-link-local 32set interfaces ethernet eth1 vif 1013 mtu \u0026#39;9000\u0026#39; 33set interfaces ethernet eth1 vif 1014 address \u0026#39;10.10.14.1/24\u0026#39; 34set interfaces ethernet eth1 vif 1014 description \u0026#39;VLAN 1014 for HOST VTEP on Mgmt Domain\u0026#39; 35set interfaces ethernet eth1 vif 1014 ipv6 address no-default-link-local 36set interfaces ethernet eth1 vif 1014 mtu \u0026#39;9000\u0026#39; Configure Vyos Vlan Interfaces for VCF Vi Workload Domain 1set interfaces ethernet eth1 vif 1311 address \u0026#39;10.13.11.1/24\u0026#39; 2set interfaces ethernet eth1 vif 1311 description \u0026#39;VLAN 1311 for ESXi MGMT on Wld Domain\u0026#39; 3set interfaces ethernet eth1 vif 1311 ipv6 address no-default-link-local 4set interfaces ethernet eth1 vif 1311 mtu \u0026#39;1500\u0026#39; 5set interfaces ethernet eth1 vif 1312 address \u0026#39;10.13.12.1/24\u0026#39; 6set interfaces ethernet eth1 vif 1312 description \u0026#39;VLAN 1312 for VMOTION on Wld Domain\u0026#39; 7set interfaces ethernet eth1 vif 1312 ipv6 address no-default-link-local 8set interfaces ethernet eth1 vif 1312 mtu \u0026#39;9000\u0026#39; 9set interfaces ethernet eth1 vif 1313 address \u0026#39;10.13.13.1/24\u0026#39; 10set interfaces ethernet eth1 vif 1313 description \u0026#39;VLAN 1313 for VSAN on Wld Domain\u0026#39; 11set interfaces ethernet eth1 vif 1313 ipv6 address no-default-link-local 12set interfaces ethernet eth1 vif 1313 mtu \u0026#39;9000\u0026#39; 13set interfaces ethernet eth1 vif 1314 address \u0026#39;10.13.14.1/24\u0026#39; 14set interfaces ethernet eth1 vif 1314 description \u0026#39;VLAN 1314 for HOST VTEP on Wld Domain\u0026#39; 15set interfaces ethernet eth1 vif 1314 ipv6 address no-default-link-local 16set interfaces ethernet eth1 vif 1314 mtu \u0026#39;9000\u0026#39; Configure Vyos NAT 1set nat source rule 1010 outbound-interface \u0026#39;eth0\u0026#39; 2set nat source rule 1010 source address \u0026#39;10.10.10.0/24\u0026#39; 3set nat source rule 1010 translation address \u0026#39;masquerade\u0026#39; 4set nat source rule 1011 outbound-interface \u0026#39;eth0\u0026#39; 5set nat source rule 1011 source address \u0026#39;10.10.11.0/24\u0026#39; 6set nat source rule 1011 translation address \u0026#39;masquerade\u0026#39; 7set nat source rule 1311 outbound-interface \u0026#39;eth0\u0026#39; 8set nat source rule 1311 source address \u0026#39;10.13.11.0/24\u0026#39; 9set nat source rule 1311 translation address \u0026#39;masquerade\u0026#39; Configure Vyos DNS Forwarding 1set service dns forwarding allow-from \u0026#39;127.0.0.0/8\u0026#39; 2set service dns forwarding allow-from 169.254.0.0/16 3set service dns forwarding allow-from \u0026#39;10.0.0.0/8\u0026#39; 4set service dns forwarding allow-from \u0026#39;172.16.0.0/12\u0026#39; 5set service dns forwarding allow-from \u0026#39;192.168.0.0/16\u0026#39; 6set service dns forwarding domain 10.10.10.in-addr.arpa. server \u0026#39;192.168.1.100\u0026#39; 7set service dns forwarding domain 11.10.10.in-addr.arpa. server \u0026#39;192.168.1.100\u0026#39; 8set service dns forwarding domain 11.13.10.in-addr.arpa. server \u0026#39;192.168.1.100\u0026#39; 9set service dns forwarding domain abs.system server \u0026#39;192.168.1.100\u0026#39; 10set service dns forwarding listen-address \u0026#39;10.10.10.1\u0026#39; 11set service dns forwarding listen-address \u0026#39;10.10.11.1\u0026#39; 12set service dns forwarding listen-address \u0026#39;10.13.11.1\u0026#39; 13set service dns forwarding listen-address \u0026#39;192.168.1.253\u0026#39; 14set service dns forwarding name-server \u0026#39;192.168.1.100\u0026#39; Configure Vyos Hostname (could be ntp and then make FQDN as ntp.your.domain like in VCF Planning Workbook Prerequisite) 1set system host-name Vyos-a In your DNS Server ADD Vyos A/PTR entry, before that create DNS reverse lookup zone for the subnet if not already done\nConfigure Vyos DNS Server 1set system name-server \u0026#39;192.168.1.100\u0026#39; Configure Vyos NTP 1set system ntp allow-clients address \u0026#39;127.0.0.0/8\u0026#39; 2set system ntp allow-clients address \u0026#39;169.254.0.0/16\u0026#39; 3set system ntp allow-clients address \u0026#39;10.0.0.0/8\u0026#39; 4set system ntp allow-clients address \u0026#39;172.16.0.0/12\u0026#39; 5set system ntp allow-clients address \u0026#39;192.168.0.0/16\u0026#39; 6set system ntp allow-clients address \u0026#39;::1/128\u0026#39; 7set system ntp allow-clients address \u0026#39;fe80::/10\u0026#39; 8set system ntp allow-clients address \u0026#39;fc00::/7\u0026#39; 9set system ntp interface \u0026#39;eth1.1010\u0026#39; 10set system ntp interface \u0026#39;eth1.1011\u0026#39; 11set system ntp interface \u0026#39;eth1.1311\u0026#39; 12set system ntp listen-address \u0026#39;192.168.1.253\u0026#39; 13set system ntp server pool.ntp.org Create DNS Reverse Lookup Zone fo each subnets first (for PTR records) then Create DNS Forward lookup Hosts A records entry Configure Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan Download Vlan commit Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan VMware Cloud Foundation Management Workload Domain - sample-vcf-mgmt-variables.ps1 $VMNetwork = \u0026quot;VMTRUNK\u0026quot; #portgroup vlan 4095 on vSwitch1 or vlan trunking (1010-1314) on VDS (Vlan Guest Tagging VGT = Trunk, the guest are NestedEsxi VMs with VMKernel VLAN VMK0)\non Virtual Switch with MTU 9000 on physical ESXi/Cluster not shown here, with promiscuous mode enabled and prevent duplicate packets with following\nesxcli system settings advanced set -o /Net/ReversePathFwdCheckPromisc -i 1\n$CBVMNetwork = \u0026quot;101010-Network\u0026quot; #portgroup vlan $NestedVMNetworkVLanId (here vlan 1010) because CB OVA doesn't expose $ovfconfig.common.guestinfo.vlan, no VGT but Virtual Switch Tagging VST = Access,\non same on Virtual Switch\nNote: this portgroup is used only by Cloud Builder virtual appliance, in workbook it's called \u0026quot;Infrastructure Network Portgroup Name\u0026quot; or \u0026quot;Target network portgroup for Cloud Builder Deployment\u0026quot;\nBecause Mgmt Wld VM and NestedEsxi use their own vlan, they need an interface vlan gateway on a virtual or physical upstream top of rack (tor L3switch/router Vyos in this case)\n$VMGateway = \u0026quot;10.10.10.1\u0026quot; #interface vlan for $NestedVmManagementNetworkCidr on upstream tor (Vyos)\n$vmk0Gateway = \u0026quot;10.10.11.1\u0026quot; #interface vlan for $NestedESXiManagementNetworkCidr on upstream tor (Vyos)\nBecause Vi Wld NestedEsxi use their own vlan\n$WldVmk0VLanId = \u0026quot;1311\u0026quot;\n$WldVmk0Gateway = \u0026quot;10.13.11.1\u0026quot;\n$VMNTP = \u0026quot;192.168.1.253\u0026quot; #upstream tor Vyos 1.3.x because ntpd allowed multiple \u0026quot;interface\u0026quot; (like 1.1010 for VM and 1.1011 for Mgmt Wld ESXi and 1.1311 for Vi Wld ESXi) but it migrated to chrony Vyos 1.4 which support listening only a single interface\nNTP \u0026quot;listen address/fqdn\u0026quot; (DNS A/PTR records required), example: A FQDN Vyos-a.abs.system \u0026lt;-\u0026gt; IP 192.168.1.253 / PTR FQDN 253.1.168.192.in-addr.arpa \u0026lt;-\u0026gt; Hostname Vyos-a.abs.system.),\nto upstream NTP server like pool.ntp.org\nBecause to run less than 4 VSAN nodes (not supported), we needed to add this in the resulting json\n$hostFailuresToTolerate = 0 #1 default value for required 4 VSAN Ready Nodes\n$CloudbuilderIP = \u0026quot;10.10.10.180\u0026quot; #must be on same subnet as $NestedVmManagementNetworkCidr (10.10.10.0/24)\nuncomment for default VCF Management Workload Domain required 4 VSAN Ready Nodes\n1$NestedESXiHostnameToIPsForManagementDomain = @{ 2\t\u0026#34;vcf-m01-esx01\u0026#34; = \u0026#34;10.10.11.185\u0026#34; 3\t#\u0026#34;vcf-m01-esx02\u0026#34; = \u0026#34;10.10.11.186\u0026#34; 4\t#\u0026#34;vcf-m01-esx03\u0026#34; = \u0026#34;10.10.11.187\u0026#34; 5\t#\u0026#34;vcf-m01-esx04\u0026#34; = \u0026#34;10.10.11.188\u0026#34; 6} uncomment for default VCF Vi Workload Domain, minimum required 3 Nodes, 2 Nodes for Lab will do at minimum to deploy NSX Edge Cluster\n1$NestedESXiHostnameToIPsForWorkloadDomain = @{ 2 \u0026#34;vcf-w01-esx01\u0026#34; = \u0026#34;10.13.11.191\u0026#34; 3 \u0026#34;vcf-w01-esx02\u0026#34; = \u0026#34;10.13.11.192\u0026#34; 4 #\u0026#34;vcf-w01-esx03\u0026#34; = \u0026#34;10.13.11.193\u0026#34; 5 #\u0026#34;vcf-w01-esx04\u0026#34; = \u0026#34;10.13.11.194\u0026#34; 6} $NestedESXiMGMTvCPU = \u0026quot;16\u0026quot; #12 default value\n$NestedESXiMGMTvMEM = \u0026quot;96\u0026quot; #GB #96 default value\nBecause VM has there own network\n$NestedVmManagementNetworkCidr = \u0026quot;10.10.10.0/24\u0026quot; #gateway editable here $VMGateway (10.10.10.1), Note same VM Network is used by Vi Workload Domain\nBecause Host has there own networks\n$NestedESXiManagementNetworkCidr = \u0026quot;10.10.11.0/24\u0026quot; #gateway editable here $vmk0Gateway (10.10.11.1)\n$NestedESXivMotionNetworkCidr = \u0026quot;10.10.12.0/24\u0026quot; #gateway not editable here also is .1 $esxivMotionGateway (10.10.12.1) on upstream tor (Vyos eth1.12)\n$NestedESXivSANNetworkCidr = \u0026quot;10.10.13.0/24\u0026quot; #gateway not editable here also is .1 $esxivSANGateway (10.10.13.1) on upstream tor (Vyos eth1.13)\n$NestedESXiNSXTepNetworkCidr = \u0026quot;10.10.14.0/24\u0026quot; #gateway not editable here also is .1 $esxiNSXTepGateway (10.10.14.1) on upstream tor (Vyos eth1.14)\nBecause every networks has there own vlan\n$NestedVMNetworkVLanId = \u0026quot;1010\u0026quot;\n$vmk0VLanId = \u0026quot;1011\u0026quot;\n$vmotionVLanId = \u0026quot;1012\u0026quot;\n$vsanVLanId = \u0026quot;1013\u0026quot;\n$HostTepVLanId = \u0026quot;1014\u0026quot;\nVMware Cloud Foundation Management Workload Domain - vcf-automated-lab-deployment.ps1 Because Vi Wld is now supported in this commit\n$deployNestedESXiVMsForWLD = 1\nBecause we want to set vlan on NestedEsxi (VM Network vlan 1010 for both Mgmt and Vi Workloads Domains)\n$setVLanId = 1\nBecause to run less than 4 VSAN nodes (not officially supported but working for lab), to SSH into Cloud Builder to reconfigure the size of the Cluster as steps described below\n$startVCFBringup = 0\nYes we want to generate Wld HostCommission Json $generateWldHostCommissionJson = 1\nNot enabled\n$uploadVCFNotifyScript = 0\nThe resulting deployment variables should look like this:\n$preCheck = 1\n$confirmDeployment = 1\n$deployNestedESXiVMsForMgmt = 1\n$deployNestedESXiVMsForWLD = 1\n$setVLanId = 1\n$deployCloudBuilder = 1\n$moveVMsIntovApp = 1\n$generateMgmJson = 1\n$startVCFBringup = 0\n$generateWldHostCommissionJson = 1\n$uploadVCFNotifyScript = 0\nMoved start time after the deployment is confirmed with the Y to be more accruate\n$StartTime = Get-Date\nThe code of $moveVMsIntovApp is updated to allow reuse of the $VAppName previously generated,\na usecase would be to simply first having $deployNestedESXiVMsForWLD and $generateWldHostCommissionJson set to 0, and needing to enable these variables as Day-2 operations\nanother usecase would be to redeploy Wld NestedEsxi VMs with different settings after,\nhaving them decomissioned in SDDC Manager and deleted in Outer vCenter along with,\nhaving the wld network pool deleted in SDDC Manager.\nDeploy Nested VCF Management Workload Domain The new syntaxe to start the deployment script with the variables file use the argument -EnvConfigFile which you can find by typing - then tab completion.\n1.\\vcf-automated-lab-deployment.ps1 -EnvConfigFile .\\sample-vcf-mgmt-variables.ps1 Workaround Management Wld Domain in Cloud Builder for ESXi Cluster size 1 - Skip this if you can deploy the default 4 ESXi cluster Because to run less than 4 VSAN nodes (not supported), after deployment 15min or so, tweak the VCF mgmt cluster minimum size as following steps and follow the vcf-bringup-debug.log\n- ssh Cloud Builder as admin\n- su - $CloudbuilderRootPassword\n- echo \u0026quot;bringup.mgmt.cluster.minimum.size=1\u0026quot; \u0026gt;\u0026gt; /etc/vmware/vcf/bringup/application.properties\n- systemctl restart vcf-bringup.service - tail -f /opt/vmware/bringup/logs/vcf-bringup-debug.log\n- wait a minute to begin SDDC deployment on Cloud Builder UI\nAt this point can safely shudown Cloud Builder VM and move it out of the lab vApp.\nVMware Cloud Foundation Vi Workload Domain - sample-vcf-wld-variables.ps1 Network Pool specify the VLANs and reserved ip-pool for VSAN and VMOTION, since we have dedicated VLANs and ip-pool for Vi Workload Domains, a new network pool will be automatically created from following Cidr, Gateway and VLANs variables\n$VCFWorkloadDomainPoolName = \u0026quot;vcf-w01-rp01\u0026quot;\n$VCFWorkloadDomainPoolFile = \u0026quot;networkPoolSpec.json\u0026quot;\nvCenter Configuration\n$VCSAHostname = \u0026quot;vcf-w01-vc01\u0026quot;\n$VCSAIP = \u0026quot;10.10.10.76\u0026quot;\n$VCSARootPassword = \u0026quot;VMware1!VMware1!\u0026quot;\n$VCSAvmSize = \u0026quot;tiny\u0026quot;\nManagement Domain VM Network Configuration\n$NestedVmManagementNetworkCidr = \u0026quot;10.10.10.0/24\u0026quot; # Not used just for documentation\nWld Domain ESXi Network Configuration\n$WldNestedESXiManagementNetworkCidr = \u0026quot;10.13.11.0/24\u0026quot; # Not used just for documentation\n$WldNestedESXivMotionNetworkCidr = \u0026quot;10.13.12.0/24\u0026quot;\n$WldNestedESXivSANNetworkCidr = \u0026quot;10.13.13.0/24\u0026quot;\n$WldNestedESXiNSXTepNetworkCidr = \u0026quot;10.13.14.0/24\u0026quot;\nWld Domain VLAN configuration\n$NestedVMNetworkVLanId = 1010 # Note: \u0026quot;VM Network\u0026quot; for Vi Wld Domain is same Cidr, VLAN, GW as Mgmt Domain\n$WldVmk0VLanId = 1311\n$WldVmotionVLanId = 1312\n$WldVsanVLanId = 1313\n$WldHostTepVLanId = 1314\nNSX Configuration\n$NSXManagerSize = \u0026quot;small\u0026quot;\n$NSXManagerVIPHostname = \u0026quot;vcf-w01-nsx01\u0026quot;\n$NSXManagerVIPIP = \u0026quot;10.10.10.77\u0026quot;\n$NSXManagerNode1Hostname = \u0026quot;vcf-w01-nsx01a\u0026quot;\n$NSXManagerNode1IP = \u0026quot;10.10.10.78\u0026quot;\n$NSXManagerNode2Hostname = \u0026quot;vcf-w01-nsx01b\u0026quot;\n$NSXManagerNode2IP = \u0026quot;10.10.10.79\u0026quot;\n$NSXManagerNode3Hostname = \u0026quot;vcf-w01-nsx01c\u0026quot;\n$NSXManagerNode3IP = \u0026quot;10.10.10.80\u0026quot;\n$NSXAdminPassword = \u0026quot;VMware1!VMware1!\u0026quot;\n$SeparateNSXSwitch = $true\n$VMNetmask = \u0026quot;255.255.255.0\u0026quot;\n$VMGateway = \u0026quot;10.10.10.1\u0026quot;\n$WldVmk0Gateway = \u0026quot;10.13.11.1\u0026quot; # Note: NestedESXi for Vi Wld Domain has its own Cidr, VLAN and Gateway\n$VMDomain = \u0026quot;abs.system\u0026quot;\n$hostFailuresToTolerate = 0\nIssue during implementation solved You may have noticed that the VM Network for the Vi Workload Domain use the same VM Network as the Management Workload Domain, I had an issue from the DomainCreationSpec validations complaining that they weren't the same network.\n1New-VCFWorkloadDomain -json .\\wld-w01.json 2New-VCFWorkloadDomain: The validation task commpleted the run with the following problems: 3vCenter gateway 10.13.10.1 is not the same as management network gateway 10.10.10.1 for vCenter wld-vc-w01 4NSX manager gateway 10.13.10.1 is not the same as management network gateway 10.10.10.1 for NSX manager vcf-w01-nsx01a 5NSX manager gateway 10.13.10.1 is not the same as management network gateway 10.10.10.1 for NSX manager vcf-w01-nsx01b 6NSX manager gateway 10.13.10.1 is not the same as management network gateway 10.10.10.1 for NSX manager vcf-w01-nsx01c Had to remove the dedicated VM Network for Vi Workload Domain despite being present in the Workbook Reference and in the API Data Structure: 1 { 2 \u0026#34;name\u0026#34;: \u0026#34;wld-w01-cl01-vds01-VM-management\u0026#34;, 3 \u0026#34;transportType\u0026#34;: \u0026#34;VM_MANAGEMENT\u0026#34; 4 }, And modify the vCenter and NSX FQDN for Vi Workload Domain to use the same VM Network as the Management Domain.\nVMware Cloud Foundation Vi Workload Domain - vcf-automated-workload-domain-deployment.ps1 $confirmDeployment = 1\n$commissionHost = 1\n$generateWLDDeploymentFile = 1\n$startWLDDeployment = 1\nWorkaround Vi Wld Domain in SDDC Manager for NSX cluster size 1 - Skip this if you can deploy the default 3 NSX Nodes cluster 1su - 2 3$SddcManagerRootPassword 4 5cat \u0026gt;\u0026gt; /etc/vmware/vcf/domainmanager/application-prod.properties \u0026lt;\u0026lt; EOF 6expected.minimum.hosts=1 7vc7.deployment.option=tiny 8nsxt.manager.formfactor=small 9nsxt.management.resources.validation.skip=true 10nsxt.manager.cluster.size=1 11nsxt.manager.wait.minutes=120 12EOF 13 14systemctl restart domainmanager.service 15 16tail -f /var/log/vmware/vcf/domainmanager/domainmanager.log Note: All NSX FQDN must be resolvable with DNS, although with this setting only $NSXManagerVIP and $NSXManagerNode1 will be used, all 4 (VIP+3Nodes) are required to be resolvable with DNS to pass validations.\nDeploy VCF Vi Workload Domain New deployment command\n1.\\vcf-automated-workload-domain-deployment.ps1 -EnvConfigFile .\\sample-vcf-wld-variables.ps1 Only issue encountered and solved was because single ESXi Mgmt Domain could not satisfy vSphere HA - Skip this if you have more than 1 NestedEXi in Management Workload Domain After Wld vCenter deployment, at power on, vSphere HA could not be statisfied, so it deleted the VM and redeployed it.\nCluster Tasks show the message:\nA quick search \u0026quot;insufficient resources to satisfy configured failover level for vSphere HA\u0026quot; poped this KB that is on point:\nConfigure \u0026gt; vSphere Availability \u0026gt; Edit vSphere HA \u0026gt; Admission Control \u0026gt; Disable Host Failover Capacity or Modify the Reserved Capacity\nVCF Management and Vi Workload Domains successfully deployed sddc/sddc-ui-1-dashboard.png\nsddc/sddc-ui-1-dashboard.png\nsddc/sddc-ui-2-hosts-mgmt-and-wld.png\nsddc/sddc-ui-2-hosts-mgmt-and-wld.png\nsddc/sddc-ui-3-workload-domains-wld-w01-summary.png\nsddc/sddc-ui-3-workload-domains-wld-w01-summary.png\nsddc/sddc-ui-4-workload-domains-wld-w01-cluster-network-vds-portgroups-vlans.png\nsddc/sddc-ui-4-workload-domains-wld-w01-cluster-network-vds-portgroups-vlans.png\nVCF Lab Resources Usage vcf-lab-cpu-ram-usage/vcf-lab-1-outer-esxi-cpu-when-booting-vcf-lab.png\nvcf-lab-cpu-ram-usage/vcf-lab-1-outer-esxi-cpu-when-booting-vcf-lab.png\nvcf-lab-cpu-ram-usage/vcf-lab-2-inner-nested-esxi-mgmt-domain-16cpu-when-booting-vcf-lab-duration-20-min.png\nvcf-lab-cpu-ram-usage/vcf-lab-2-inner-nested-esxi-mgmt-domain-16cpu-when-booting-vcf-lab-duration-20-min.png\nvcf-lab-cpu-ram-usage/vcf-lab-3-inner-nested-esxi-mgmt-domain-memory-96gb-almost-maxed.png\nvcf-lab-cpu-ram-usage/vcf-lab-3-inner-nested-esxi-mgmt-domain-memory-96gb-almost-maxed.png\nvcf-lab-cpu-ram-usage/vcf-lab-4-inner-nested-esxi-vi-wld-domain-memory-15GB-used-by-VSAN-and-VLCM-cluster.png\nvcf-lab-cpu-ram-usage/vcf-lab-4-inner-nested-esxi-vi-wld-domain-memory-15GB-used-by-VSAN-and-VLCM-cluster.png\nLesson Learn: To run Kubernetes workloads, expect to increase VCF Workload Domain nested ESXi memory!\nStay tuned and join the VCP-VCF Administrator Exam Study Groups mentioned above Discord Channel - https://discord.gg/cAgPKfAPnd Community Exam Guide - https://docs.google.com/document/d/1k5bo1HuDXVVYckb_lv1irkdPzR2xhL1O-iRxE5HIRxA/edit?usp=sharing Blog covering the recordings - https://blogs.vmware.com/code/2025/02/13/join-the-vmware-code-vcp-vcf-study-group/\n","link":"https://strivevirtually.net/post/automated-vmware-cloud-foundation-lab-deployment-branch-fork-vlan-update-workload-domains-support/","section":"post","tags":["LAB","AUTOMATION","VCENTER","ESXI","NESTED ESXI","CLOUD BUILDER","SDDC MANAGER","VCF","NSX-T","VCP-VCF","VCF MANAGEMENT WORKLOAD DOMAIN","VCF VI WORKLOAD DOMAIN","VCF PLANNING AND PREPARATION WORKBOOK","NSX REFERENCE DESIGN GUIDE","VYOS","VLAN","DNS","NTP"],"title":"**Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan Update Workload Domains support**"},{"body":"","link":"https://strivevirtually.net/tags/cloud-builder/","section":"tags","tags":null,"title":"Cloud Builder"},{"body":"","link":"https://strivevirtually.net/tags/nsx-reference-design-guide/","section":"tags","tags":null,"title":"NSX REFERENCE DESIGN GUIDE"},{"body":"","link":"https://strivevirtually.net/tags/nsx-t/","section":"tags","tags":null,"title":"NSX-T"},{"body":"Follow-up Deploy VMware NSX Edge Cluster via VCF API Follow-up of previous post of this serie on VCP-VCF VCP-VCF, After Bringup, Planning Workbook, Configure VLANs, DNS, NTP, BGP, Deploy VMware NSX Edge Cluster via VCF API\nAdd AVNs Verify with Upstream Router connectivity\nDeploy VMware Aria Suite Lifecycle Verify DNS\nIf the Aria Lifecycle deployment fail, in SDDC Manager a Rollback button will delete it and we can hit deploy button again. (Note in case the rollback itself fail, restart SDDC Manager watching the logs, do not manually delete resources in vCenter and NSX this would break SDDC Manager worklows)\ndeployment stuck on ntp\nit needed to add eth0 in Vyos ntp interface config: set system ntp interface 'eth0'\nService interface is 10.60.0.2\nStatic Route Next-Hop is 10.60.0.1\nNext: What about deploying the full Aria Suite in Automated fashion ? https://williamlam.com/2024/02/automated-aria-suite-lifecycle-identity-operations-logs-automation-lab-deployment-script.html\n","link":"https://strivevirtually.net/post/vcp-vcf-after-vmware-nsx-edge-cluster-planning-workbook-deploy-avns-via-vcf-api-and-aria-lifecycle-from-sddc-manager-ui/","section":"post","tags":["LAB","VCENTER","ESXI","NESTED ESXI","SDDC MANAGER","VCF","NSX-T","NSX EDGE","ARIA LIFECYCLE","ARIA SUITE","VREALIZE SUITE","VCP-VCF","VCF MANAGEMENT WORKLOAD DOMAIN","VCF PLANNING AND PREPARATION WORKBOOK","NSX REFERENCE DESIGN GUIDE","VYOS","VLAN","BGP","NTP","DNS"],"title":"**VCP-VCF, After VMware NSX Edge Cluster, Planning Workbook, Deploy AVNs and Aria Lifecycle from SDDC Manager UI**"},{"body":"","link":"https://strivevirtually.net/tags/aria-lifecycle/","section":"tags","tags":null,"title":"ARIA LIFECYCLE"},{"body":"","link":"https://strivevirtually.net/tags/aria-suite/","section":"tags","tags":null,"title":"ARIA SUITE"},{"body":"","link":"https://strivevirtually.net/tags/bgp/","section":"tags","tags":null,"title":"BGP"},{"body":"","link":"https://strivevirtually.net/tags/nsx-edge/","section":"tags","tags":null,"title":"NSX EDGE"},{"body":"","link":"https://strivevirtually.net/tags/vrealize-suite/","section":"tags","tags":null,"title":"VREALIZE SUITE"},{"body":"Follow-up Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan Follow-up of previous post and start of this serie on VCP-VCF Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan\nImportant Note: I downloaded on 20 March 2025, before VMware by Broadcom changed the way to download on 24 March 2025 see Important Update: Changes to How You Download VMware Software Binaries\nUsing VMware Cloud Foundation 5.2 Planning and Preparation Workbook workbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 1 Deployment Options.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 1 Deployment Options.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 2 Network Inputs - Rack - Edge.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 2 Network Inputs - Rack - Edge.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 3 Name and IP Address Inputs VM - Aria.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 3 Name and IP Address Inputs VM - Aria.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 4 Name and IP Address Inputs - Rack - Edge.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 4 Name and IP Address Inputs - Rack - Edge.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 5.1 SDDC Inputs - Common - AVN Overlay.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 5.1 SDDC Inputs - Common - AVN Overlay.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 5.2 SDDC Inputs - Common Aria.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 5.2 SDDC Inputs - Common Aria.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.1 Active Directory Inputs - Common Aria.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.1 Active Directory Inputs - Common Aria.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.2 Active Directory Inputs - Common Aria.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.2 Active Directory Inputs - Common Aria.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 7 Management Domain Sizing.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 7 Management Domain Sizing.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 8 Management Domain - NSX Routing.jpg\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 8 Management Domain - NSX Routing.jpg\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 9 VMware Aria Suite Lifecycle - Parent child domain.png\nworkbook-aria/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 9 VMware Aria Suite Lifecycle - Parent child domain.png\nNote: from filling VMware Cloud Foundation 5.2 Planning and Preparation Workbook a lesson learn is that, it use Microsoft Windows Active Directory - Child Domain, but for the sake of simplicity in this lab we'll use only Parent Domain, mainly because our deployment isn't multisite for now (limited resources).\nAdd NSX Edge Vlan Interfaces 1set interfaces ethernet eth1 vif 17 address \u0026#39;10.10.17.1/24\u0026#39; 2set interfaces ethernet eth1 vif 17 description \u0026#39;VLAN 17 for Edge Uplink1\u0026#39; 3set interfaces ethernet eth1 vif 17 ipv6 address no-default-link-local 4set interfaces ethernet eth1 vif 17 mtu \u0026#39;9000\u0026#39; 5set interfaces ethernet eth1 vif 18 address \u0026#39;10.10.18.1/24\u0026#39; 6set interfaces ethernet eth1 vif 18 description \u0026#39;VLAN 18 for Edge Uplink2\u0026#39; 7set interfaces ethernet eth1 vif 18 ipv6 address no-default-link-local 8set interfaces ethernet eth1 vif 18 mtu \u0026#39;9000\u0026#39; 9set interfaces ethernet eth1 vif 19 address \u0026#39;10.10.19.1/24\u0026#39; 10set interfaces ethernet eth1 vif 19 description \u0026#39;VLAN 19 for EDGE TEP\u0026#39; 11set interfaces ethernet eth1 vif 19 ipv6 address no-default-link-local 12set interfaces ethernet eth1 vif 19 mtu \u0026#39;9000\u0026#39; Add AVNs DNS forwarding 1set service dns forwarding allow-from \u0026#39;10.50.0.0/24\u0026#39; 2set service dns forwarding allow-from \u0026#39;10.60.0.0/24\u0026#39; 3set service dns forwarding domain 0.50.10.in-addr.arpa. server \u0026#39;192.168.1.100\u0026#39; 4set service dns forwarding domain 0.60.10.in-addr.arpa. server \u0026#39;192.168.1.100\u0026#39; 5set service dns forwarding listen-address \u0026#39;10.10.17.1\u0026#39; 6set service dns forwarding listen-address \u0026#39;10.10.18.1\u0026#39; Add NTP listen on T0 Edge Cluster Uplinks Interfaces and toward DNS Server VM interface Not sure required but vRSLCM deployment have validation NTP reverse DNS.\n1set system ntp interface \u0026#39;eth1.17\u0026#39; 2set system ntp interface \u0026#39;eth1.18\u0026#39; 3set system ntp interface \u0026#39;eth0\u0026#39; Add BGP configuration 1 2set protocols bgp 65001 3 4set protocols bgp 65001 address-family ipv4-unicast network 10.10.10.0/24 5set protocols bgp 65001 address-family ipv4-unicast network 192.168.1.0/24 6 7set protocols bgp 65001 neighbor 10.10.17.2 address-family ipv4-unicast nexthop-self force 8set protocols bgp 65001 neighbor 10.10.17.2 password \u0026#39;VMware123!\u0026#39; 9set protocols bgp 65001 neighbor 10.10.17.2 remote-as \u0026#39;65003\u0026#39; 10set protocols bgp 65001 neighbor 10.10.17.2 update-source 10.10.17.1 11set protocols bgp 65001 neighbor 10.10.17.2 address-family ipv4-unicast soft-reconfiguration inbound 12 13set protocols bgp 65001 neighbor 10.10.17.3 address-family ipv4-unicast nexthop-self force 14set protocols bgp 65001 neighbor 10.10.17.3 password \u0026#39;VMware123!\u0026#39; 15set protocols bgp 65001 neighbor 10.10.17.3 remote-as \u0026#39;65003\u0026#39; 16set protocols bgp 65001 neighbor 10.10.17.3 update-source 10.10.17.1 17set protocols bgp 65001 neighbor 10.10.17.3 address-family ipv4-unicast soft-reconfiguration inbound 18 19set protocols bgp 65001 neighbor 10.10.18.2 address-family ipv4-unicast nexthop-self force 20set protocols bgp 65001 neighbor 10.10.18.2 password \u0026#39;VMware123!\u0026#39; 21set protocols bgp 65001 neighbor 10.10.18.2 remote-as \u0026#39;65003\u0026#39; 22set protocols bgp 65001 neighbor 10.10.18.2 update-source 10.10.18.1 23set protocols bgp 65001 neighbor 10.10.18.2 address-family ipv4-unicast soft-reconfiguration inbound 24 25set protocols bgp 65001 neighbor 10.10.18.3 address-family ipv4-unicast nexthop-self force 26set protocols bgp 65001 neighbor 10.10.18.3 password \u0026#39;VMware123!\u0026#39; 27set protocols bgp 65001 neighbor 10.10.18.3 remote-as \u0026#39;65003\u0026#39; 28set protocols bgp 65001 neighbor 10.10.18.3 update-source 10.10.18.1 29set protocols bgp 65001 neighbor 10.10.18.3 address-family ipv4-unicast soft-reconfiguration inbound Note set protocols bgp 65001 address-family ipv4-unicast network 192.168.1.0/24 This was added to advertise through BGP network statement, the network of local DNS VM and VYOS (acting as NTP) to the following neighbors NSX Edge T0 External uplink interfaces, Credit to fellows vExperts who spotted that and shared it back in 2020 for the VMware community here https://vstellar.com/2020/06/troubleshooting-vrslcm-deployment-failure-in-vcf/\nAdd Static Routes on both windows DNS VM and windows workstation to browse Aria Lifecycle UI on X-Region (10.60.0.0), for completeness we'll add A-Region (10.50.0.0) overlay subnet as well for the rest of Aria Suite deployments You can ping the overlay networks from the DNS subnet from both windows DNS server and your windows workstation by adding static routes, like this:\n1route add -p 10.10.17.0 mask 255.255.255.0 192.168.1.253 2route add -p 10.10.18.0 mask 255.255.255.0 192.168.1.253 3route add -p 10.60.0.0 mask 255.255.255.0 192.168.1.253 4route add -p 10.50.0.0 mask 255.255.255.0 192.168.1.253 Before starting Edge Cluster deployment, Prepare for workaround AMD Zen CPU DPDK FastPath capable owner only - Skip this step if you're on Epyc or Intel supported CPU Before sending the following 'POST Creation Edge Cluster Spec EBGP' here an estimation time of operation to make your Ryzen supported for DPDK capability at first boot:\nedge02 start finish deploy in 11min ssh workaround for AMD DPDK capable CPU + REBOOT #This is the \u0026quot;money time\u0026quot; i would say to take a Basketball expression, we have less than a minute to complete this step or SDDC Manager will delete this edge, reploy it 1hour later, so you don't want to miss that step! Note: (if edge node deployment task fail to be delete, restart SDDC Manager and/or vCenter) `vi /opt/vmware/nsx-edge/bin/config.py type /\u0026quot;AMD\u0026quot; press left arrow to place the cursor on 'i' of if press 'i' to enter vi insert mode type '#' (Alt Gr + 3, on azerty keyboard) press 'Esc' to exit insert mode press down arrow repeat for each line like in the image below pay attention to the column alignment, Python is sensible to that if we mess vi usage, no sweat, we can quit without saving, type 'Esc:q!' type ':wq!' that means ':' command mode, 'w' write, 'q' quit, '!' no confirm reboot boot start finish 15min NSX prepare Edge Node start finish in 11min repeat the previous operations\nedge01 start finish deploy in 11min\nssh workaround for AMD DPDK capable CPU + REBOOT\nboot start finish 15min\nNSX prepare Edge Node start finish in 11min\nSDDC Manager Edge Cluster Tasks will not finish until 2 NSX Edge Nodes are prepared with NSX.\nNote: In case of failure of one Edge deployment,\nSDDC Manager will delete only the failed edge node and redeploy it,\nSince this overall process is kind slow, i recommend like always to monitor: vCenter status UI for deployment, and NSX UI \u0026lt;-\u0026gt; System \u0026lt;-\u0026gt; Nodes, the starting of 2nd edge depoyment can begin before previous turn green!\nConfirmation in Datapath CPU tooltip, cores that handle fast path packet processing using DPDK\nGet SDDC Manager VCF API token via Curl way 1curl -k --location --request POST \u0026#39;https://vcf-m01-sddcm01.abidi.systems/v1/tokens\u0026#39; --header \u0026#39;Content-Type: application/json\u0026#39; --header \u0026#39;Accept: application/json\u0026#39; --data-raw \u0026#39;{\t\u0026#34;username\u0026#34; : \u0026#34;administrator@vsphere.local\u0026#34;,\t\u0026#34;password\u0026#34; : \u0026#34;VMware1!\u0026#34; }\u0026#39; The -k for unsecure HTTPS because the certificate of SDDC Manager is selfsigned that because we have not yet enabled Windows Server Role 'ADCS' a Root Certificate Authority to sign the certificate (Note this is an objective).\nsource: VMware Cloud Foundation 5.2 Administrator (VCP-VCF 2V0-11.24) VMware {code} Community Exam Guide\nObjective 4.5.2 - Deploy VMware Aria Suite\n2. Post-Deployment Configuration:\n- Replace the default SSL certificate with a CA-signed certificate using the SDDC Manager UI to establish trusted communication.\nDeploy VMware NSX Edge Cluster using VCF API via REST client way (Bruno) https://github.com/usebruno/bruno/releases/\nclick on the3dots, Create a Collection, Name, Folder Name, and Location folder on the filesystems. here using Collection Name 'VCF', Folder Name 'VCF', pointing to a real folder name 'sddc' new folder 'SDDC DAY 2 - Edge Cluster' new request 'POST Tokens' Select the REST verb 'POST' write the endpoint address 'https://vcf-m01-sddcm01.abidi.systems/v1/tokens' click on Body, Select JSON Prettify, { \u0026quot;username\u0026quot; : \u0026quot;administrator@vsphere.local\u0026quot;, \u0026quot;password\u0026quot; : \u0026quot;VMware1!\u0026quot; } click on Headers, Key 'Content-Type' and Value 'application/json' Key 'Accept' and Value 'application/json' Ctrl+S or save by clicking on the floppy in upper right click the right arrow to send the API Call select body response and copy with Ctrl+C the value of the accesstoken starting with ey... (be aware to Not have caps lock enabled) past it on text file temporarly (Note: access token expire after 1h, this is enough for Edge Cluster and AVNs creation via API, there is a refresh token that expire after 24h) new request 'GET Clusters' Select the REST verb 'GET' write the endpoint address 'https://vcf-m01-sddcm01.abidi.systems/v1/clusters' no body click on Headers, Key 'Content-Type' and Value 'application/json' Key 'Accept' and Value 'application/json' Key 'Authorization' and Value 'Bearer ey...' Ctrl+S or save by clicking on the floppy in upper right click the right to send the API Call select and copy with Ctrl+C the value of the cluster 'Id' # here \u0026quot;1be45b8c-7117-41bd-ad21-cda3c4862b8f\u0026quot; past it on text file temporarly new folder 'Edge Cluster EBGP' new request 'POST Validations Creation Edge Cluster Spec EBGP' Select the REST verb 'POST' write the endpoint address 'https://vcf-m01-sddcm01.abidi.systems/v1/edge-clusters/validations' click on Headers, Key 'Content-Type' and Value 'application/json' Key 'Accept' and Value 'application/json' Key 'Authorization' and Value 'Bearer ey...' click on Body, Past the cluster 'Id' twice in the 'clusterId' field for each edge node Select JSON Prettify, (Note: \u0026quot;edgeFormFactor\u0026quot; default is LARGE because Aria Suite has many products that can be deployed as cluster which need a VIP (NSX ALB T1), related in video if you rewatch VCP-VCF Study Group Session 4 at that time, SMALL provide 1 VIP, MEDIUM 10 VIP, this seems enough but there other products that can be deployed as cluster in Management Domain, to name a few NSX, Global NSX, NSX ALB controller, list non-exhaustive. For Vi Workload Domain for Kubernetes AVNs usecase also LARGE because Kubernetes use a VIP for the Supervisor Cluster but also for vSphere Kubernetes Service (VKS old name TKG) Clusters. An XLARGE for more demanding workloads.)\nhttps://developer.broadcom.com/xapis/vmware-cloud-foundation-api/latest/v1/edge-clusters/post/ 1{ 2 \u0026#34;edgeAdminPassword\u0026#34;: \u0026#34;VMware1!VMware1!\u0026#34;, 3 \u0026#34;edgeAuditPassword\u0026#34;: \u0026#34;VMware1!VMware1!\u0026#34;, 4 \u0026#34;edgeClusterName\u0026#34;: \u0026#34;vcf-m01-edgecl-01\u0026#34;, 5 \u0026#34;edgeClusterProfileType\u0026#34;: \u0026#34;DEFAULT\u0026#34;, 6 \u0026#34;edgeClusterType\u0026#34;: \u0026#34;NSX-T\u0026#34;, 7 \u0026#34;edgeFormFactor\u0026#34;: \u0026#34;SMALL\u0026#34;, 8 \u0026#34;edgeNodeSpecs\u0026#34;: [ 9 { 10 \u0026#34;clusterId\u0026#34;: \u0026#34;1be45b8c-7117-41bd-ad21-cda3c4862b8f\u0026#34;, 11 \u0026#34;edgeNodeName\u0026#34;: \u0026#34;vcf-m01-edge01.abidi.systems\u0026#34;, 12 \u0026#34;edgeTep1IP\u0026#34;: \u0026#34;10.10.19.105/24\u0026#34;, 13 \u0026#34;edgeTep2IP\u0026#34;: \u0026#34;10.10.19.106/24\u0026#34;, 14 \u0026#34;edgeTepGateway\u0026#34;: \u0026#34;10.10.19.1\u0026#34;, 15 \u0026#34;edgeTepVlan\u0026#34;: 19, 16 \u0026#34;interRackCluster\u0026#34;: false, 17 \u0026#34;managementGateway\u0026#34;: \u0026#34;10.10.10.1\u0026#34;, 18 \u0026#34;managementIP\u0026#34;: \u0026#34;10.10.10.189/24\u0026#34;, 19 \u0026#34;uplinkNetwork\u0026#34;: [ 20 { 21 \u0026#34;uplinkInterfaceIP\u0026#34;: \u0026#34;10.10.17.2/24\u0026#34;, 22 \u0026#34;uplinkVlan\u0026#34;: 17, 23 \u0026#34;peerIP\u0026#34;: \u0026#34;10.10.17.1/24\u0026#34;, 24 \u0026#34;asnPeer\u0026#34;: 65001, 25 \u0026#34;bgpPeerPassword\u0026#34;: \u0026#34;VMware123!\u0026#34; 26 }, 27 { 28 \u0026#34;uplinkInterfaceIP\u0026#34;: \u0026#34;10.10.18.2/24\u0026#34;, 29 \u0026#34;uplinkVlan\u0026#34;: 18, 30 \u0026#34;peerIP\u0026#34;: \u0026#34;10.10.18.1/24\u0026#34;, 31 \u0026#34;asnPeer\u0026#34;: 65001, 32 \u0026#34;bgpPeerPassword\u0026#34;: \u0026#34;VMware123!\u0026#34; 33 } 34 ], 35 \u0026#34;firstNsxVdsUplink\u0026#34;: \u0026#34;uplink1\u0026#34;, 36 \u0026#34;secondNsxVdsUplink\u0026#34;: \u0026#34;uplink2\u0026#34; 37 }, 38 { 39 \u0026#34;clusterId\u0026#34;: \u0026#34;1be45b8c-7117-41bd-ad21-cda3c4862b8f\u0026#34;, 40 \u0026#34;edgeNodeName\u0026#34;: \u0026#34;vcf-m01-edge02.abidi.systems\u0026#34;, 41 \u0026#34;edgeTep1IP\u0026#34;: \u0026#34;10.10.19.107/24\u0026#34;, 42 \u0026#34;edgeTep2IP\u0026#34;: \u0026#34;10.10.19.108/24\u0026#34;, 43 \u0026#34;edgeTepGateway\u0026#34;: \u0026#34;10.10.19.1\u0026#34;, 44 \u0026#34;edgeTepVlan\u0026#34;: 19, 45 \u0026#34;interRackCluster\u0026#34;: false, 46 \u0026#34;managementGateway\u0026#34;: \u0026#34;10.10.10.1\u0026#34;, 47 \u0026#34;managementIP\u0026#34;: \u0026#34;10.10.10.190/24\u0026#34;, 48 \u0026#34;uplinkNetwork\u0026#34;: [ 49 { 50 \u0026#34;uplinkInterfaceIP\u0026#34;: \u0026#34;10.10.17.3/24\u0026#34;, 51 \u0026#34;uplinkVlan\u0026#34;: 17, 52 \u0026#34;peerIP\u0026#34;: \u0026#34;10.10.17.1/24\u0026#34;, 53 \u0026#34;asnPeer\u0026#34;: 65001, 54 \u0026#34;bgpPeerPassword\u0026#34;: \u0026#34;VMware123!\u0026#34; 55 }, 56 { 57 \u0026#34;uplinkInterfaceIP\u0026#34;: \u0026#34;10.10.18.3/24\u0026#34;, 58 \u0026#34;uplinkVlan\u0026#34;: 18, 59 \u0026#34;peerIP\u0026#34;: \u0026#34;10.10.18.1/24\u0026#34;, 60 \u0026#34;asnPeer\u0026#34;: 65001, 61 \u0026#34;bgpPeerPassword\u0026#34;: \u0026#34;VMware123!\u0026#34; 62 } 63 ], 64 \u0026#34;firstNsxVdsUplink\u0026#34;: \u0026#34;uplink1\u0026#34;, 65 \u0026#34;secondNsxVdsUplink\u0026#34;: \u0026#34;uplink2\u0026#34; 66 } 67 ], 68 \u0026#34;edgeRootPassword\u0026#34;: \u0026#34;VMware1!VMware1!\u0026#34;, 69 \u0026#34;mtu\u0026#34;: 9000, 70 \u0026#34;asn\u0026#34;: 65003, 71 \u0026#34;tier0Name\u0026#34;: \u0026#34;vcf-m01-T0-01\u0026#34;, 72 \u0026#34;tier0RoutingType\u0026#34;: \u0026#34;EBGP\u0026#34;, 73 \u0026#34;tier0ServicesHighAvailability\u0026#34;: \u0026#34;ACTIVE_ACTIVE\u0026#34;, 74 \u0026#34;tier1Name\u0026#34;: \u0026#34;vcf-m01-T1-01\u0026#34; 75} Ctrl+S or save by clicking on the floppy in upper right click the right arrow to send the API Call new request 'POST Creation Edge Cluster Spec EBGP' Select the REST verb 'POST' write the endpoint address 'https://vcf-m01-sddcm01.abidi.systems/v1/edge-clusters' #notice the endpoint now does not have the /validations at the end click on Headers, Key 'Content-Type' and Value 'application/json' Key 'Accept' and Value 'application/json' Key 'Authorization' and Value 'Bearer ey...' click on Body, Copy the code used for the validations, now we're doing the real thing selection JSON Prettify, 1{ 2 \u0026#34;edgeAdminPassword\u0026#34;: \u0026#34;VMware1!VMware1!\u0026#34;, 3 \u0026#34;edgeAuditPassword\u0026#34;: \u0026#34;VMware1!VMware1!\u0026#34;, 4 \u0026#34;edgeClusterName\u0026#34;: \u0026#34;vcf-m01-edgecl-01\u0026#34;, 5 \u0026#34;edgeClusterProfileType\u0026#34;: \u0026#34;DEFAULT\u0026#34;, 6 \u0026#34;edgeClusterType\u0026#34;: \u0026#34;NSX-T\u0026#34;, 7 \u0026#34;edgeFormFactor\u0026#34;: \u0026#34;SMALL\u0026#34;, 8 \u0026#34;edgeNodeSpecs\u0026#34;: [ 9 { 10 \u0026#34;clusterId\u0026#34;: \u0026#34;1be45b8c-7117-41bd-ad21-cda3c4862b8f\u0026#34;, 11 \u0026#34;edgeNodeName\u0026#34;: \u0026#34;vcf-m01-edge01.abidi.systems\u0026#34;, 12 \u0026#34;edgeTep1IP\u0026#34;: \u0026#34;10.10.19.105/24\u0026#34;, 13 \u0026#34;edgeTep2IP\u0026#34;: \u0026#34;10.10.19.106/24\u0026#34;, 14 \u0026#34;edgeTepGateway\u0026#34;: \u0026#34;10.10.19.1\u0026#34;, 15 \u0026#34;edgeTepVlan\u0026#34;: 19, 16 \u0026#34;interRackCluster\u0026#34;: false, 17 \u0026#34;managementGateway\u0026#34;: \u0026#34;10.10.10.1\u0026#34;, 18 \u0026#34;managementIP\u0026#34;: \u0026#34;10.10.10.189/24\u0026#34;, 19 \u0026#34;uplinkNetwork\u0026#34;: [ 20 { 21 \u0026#34;uplinkInterfaceIP\u0026#34;: \u0026#34;10.10.17.2/24\u0026#34;, 22 \u0026#34;uplinkVlan\u0026#34;: 17, 23 \u0026#34;peerIP\u0026#34;: \u0026#34;10.10.17.1/24\u0026#34;, 24 \u0026#34;asnPeer\u0026#34;: 65001, 25 \u0026#34;bgpPeerPassword\u0026#34;: \u0026#34;VMware123!\u0026#34; 26 }, 27 { 28 \u0026#34;uplinkInterfaceIP\u0026#34;: \u0026#34;10.10.18.2/24\u0026#34;, 29 \u0026#34;uplinkVlan\u0026#34;: 18, 30 \u0026#34;peerIP\u0026#34;: \u0026#34;10.10.18.1/24\u0026#34;, 31 \u0026#34;asnPeer\u0026#34;: 65001, 32 \u0026#34;bgpPeerPassword\u0026#34;: \u0026#34;VMware123!\u0026#34; 33 } 34 ], 35 \u0026#34;firstNsxVdsUplink\u0026#34;: \u0026#34;uplink1\u0026#34;, 36 \u0026#34;secondNsxVdsUplink\u0026#34;: \u0026#34;uplink2\u0026#34; 37 }, 38 { 39 \u0026#34;clusterId\u0026#34;: \u0026#34;1be45b8c-7117-41bd-ad21-cda3c4862b8f\u0026#34;, 40 \u0026#34;edgeNodeName\u0026#34;: \u0026#34;vcf-m01-edge02.abidi.systems\u0026#34;, 41 \u0026#34;edgeTep1IP\u0026#34;: \u0026#34;10.10.19.107/24\u0026#34;, 42 \u0026#34;edgeTep2IP\u0026#34;: \u0026#34;10.10.19.108/24\u0026#34;, 43 \u0026#34;edgeTepGateway\u0026#34;: \u0026#34;10.10.19.1\u0026#34;, 44 \u0026#34;edgeTepVlan\u0026#34;: 19, 45 \u0026#34;interRackCluster\u0026#34;: false, 46 \u0026#34;managementGateway\u0026#34;: \u0026#34;10.10.10.1\u0026#34;, 47 \u0026#34;managementIP\u0026#34;: \u0026#34;10.10.10.190/24\u0026#34;, 48 \u0026#34;uplinkNetwork\u0026#34;: [ 49 { 50 \u0026#34;uplinkInterfaceIP\u0026#34;: \u0026#34;10.10.17.3/24\u0026#34;, 51 \u0026#34;uplinkVlan\u0026#34;: 17, 52 \u0026#34;peerIP\u0026#34;: \u0026#34;10.10.17.1/24\u0026#34;, 53 \u0026#34;asnPeer\u0026#34;: 65001, 54 \u0026#34;bgpPeerPassword\u0026#34;: \u0026#34;VMware123!\u0026#34; 55 }, 56 { 57 \u0026#34;uplinkInterfaceIP\u0026#34;: \u0026#34;10.10.18.3/24\u0026#34;, 58 \u0026#34;uplinkVlan\u0026#34;: 18, 59 \u0026#34;peerIP\u0026#34;: \u0026#34;10.10.18.1/24\u0026#34;, 60 \u0026#34;asnPeer\u0026#34;: 65001, 61 \u0026#34;bgpPeerPassword\u0026#34;: \u0026#34;VMware123!\u0026#34; 62 } 63 ], 64 \u0026#34;firstNsxVdsUplink\u0026#34;: \u0026#34;uplink1\u0026#34;, 65 \u0026#34;secondNsxVdsUplink\u0026#34;: \u0026#34;uplink2\u0026#34; 66 } 67 ], 68 \u0026#34;edgeRootPassword\u0026#34;: \u0026#34;VMware1!VMware1!\u0026#34;, 69 \u0026#34;mtu\u0026#34;: 9000, 70 \u0026#34;asn\u0026#34;: 65003, 71 \u0026#34;tier0Name\u0026#34;: \u0026#34;vcf-m01-T0-01\u0026#34;, 72 \u0026#34;tier0RoutingType\u0026#34;: \u0026#34;EBGP\u0026#34;, 73 \u0026#34;tier0ServicesHighAvailability\u0026#34;: \u0026#34;ACTIVE_ACTIVE\u0026#34;, 74 \u0026#34;tier1Name\u0026#34;: \u0026#34;vcf-m01-T1-01\u0026#34; 75} Ctrl+S or save by clicking on the floppy in upper right click the right arrow to send the API Call NSX Edge Cluster Deployed Successfully Why did i choose different subnets for AVNs ? Answer: because Holodeck used different subnets than Planning Workbook. I had first exposure to Holodeck on v1.0 in November 2022 and that's where i found the AVNs example subnets used for A-Region (local VCF instance Region segment) 10.50.0.0/24 and X-Region (cross remote VCF instance Region segment) 10.60.0.0/24,\ncomparatively VCF Planning workbook use VVS example subnets respectively 192.168.31.0/24 for A-Region and 192.168.11.0/24 for X-Region which wasn't what i first saw with X-Region bigger than A-Region but that's completely personal point of view.\nIf you have the resources Holodeck is the way to go, especially because it follow VVS and, specifically to spinup multiple VCF instances usecases,\nyou can get the latest Holodeck release by filling this form.\nTips: How to further trim Memory footprint Follow this blog to reduce VCSA outer and inner to 12GB of RAM each and boot in 8min instead of 10min with default 14GB for tiny form factor.\nWhat's Next? Next AVNs and Aria Lifecycle Deployment\n","link":"https://strivevirtually.net/post/vcp-vcf-after-bringup-planning-workbook-configure-vlans-dns-ntp-bgp-deploy-vmware-nsx-edge-cluster-via-vcf-api/","section":"post","tags":["LAB","VCENTER","ESXI","NESTED ESXI","SDDC MANAGER","VCF","NSX-T","NSX EDGE","ARIA LIFECYCLE","VCP-VCF","VCF MANAGEMENT WORKLOAD DOMAIN","VCF PLANNING AND PREPARATION WORKBOOK","NSX REFERENCE DESIGN GUIDE","VYOS","VLAN","BGP","NTP","DNS","API"],"title":"**VCP-VCF, After Bringup, Planning Workbook, Configure VLANs, DNS, NTP, BGP, Deploy VMware NSX Edge Cluster via VCF API**"},{"body":"","link":"https://strivevirtually.net/tags/api/","section":"tags","tags":null,"title":"API"},{"body":"Laying Plan with tools at hand, namely VMware Cloud Foundation 5.2 Planning and Preparation Workbook, VMware NSX Reference Design Guide 4.2, Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan and Vyos At a starting point we'll use this logical design from VMware NSX Reference Design Guide 4.2 (download it) and we'll look at Virtual Distributed Switch profile 3,\nthen finally we'll map every information from Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan (download it) and Vyos,\nto fill VMware Cloud Foundation 5.2 Planning and Preparation Workbook again (download it).\nThis step might help getting an understanding but not require to deploy the lab.\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 2 VCF Management Domain Logical Design p466 and Profile 3 p470 mgmt VDS01.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 2 VCF Management Domain Logical Design p466 and Profile 3 p470 mgmt VDS01.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 3 VCF Management Domain Logical Design p466 and Profile 3 p470 mgmt VDS01 and VDS02.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 3 VCF Management Domain Logical Design p466 and Profile 3 p470 mgmt VDS01 and VDS02.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 4 VDS Profile.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 4 VDS Profile.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 5 VDS Profile 3.png\nnsx-reference-design-guide/VMware NSX Reference Design Guide 4.2 - 5 VDS Profile 3.png\nHere i give a step by step example how to fill the workbook based on the value vcf-automated-lab-deployment vlan version and Vyos router workbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 0 Prerequisite Checklist Scroll-down review.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 0 Prerequisite Checklist Scroll-down review.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 1 Deployment Options.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 1 Deployment Options.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 2 Management Domain Sizing Inputs.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 2 Management Domain Sizing Inputs.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 3 Network Inputs.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 3 Network Inputs.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 4.1 Name and IP Address Inputs VM.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 4.1 Name and IP Address Inputs VM.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 4.2 Name and IP Address Inputs VM.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 4.2 Name and IP Address Inputs VM.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 5.1 Name and IP Address Inputs - Rack.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 5.1 Name and IP Address Inputs - Rack.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.1 SDDC Inputs - Common.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.1 SDDC Inputs - Common.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.2 SDDC Inputs - Common.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.2 SDDC Inputs - Common.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.3 SDDC Inputs - Common.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 6.3 SDDC Inputs - Common.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 7 SDDC Inputs - Rack.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 7 SDDC Inputs - Rack.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 8.1 Management Domain Sizing.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 8.1 Management Domain Sizing.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 8.2 Management Domain Sizing.png\nworkbook/VMware Cloud Foundation 5.2 Planning and Preparation Workbook - 8.2 Management Domain Sizing.png\nWe are looking at deploying VCF with absolute minimal resources to give a chance to more people a way of VCF hands-on practice in addition to VMware Hands-On Lab to learn and prepare for attending VCP-VCF Administrator On that note Franky and team are holding multiple VCP-VCF Administrator Exam Study Groups. The remaining study group dates are below and I suggest that you sign up and attend these.\nMar 11, 2025 @ 07:00 AM PTC\nMar 18, 2025 @ 07:00 AM PTC\nMar 25, 2025 @ 07:00 AM PTC\nYou can sign up for the tree remaining study groups at https://broadcom.zoom.us/meeting/register/jqEifVifQc-w6O1ZqbGydw#/registration?utm_medium=CMTYsocial\u0026amp;utm_source=CMTYTwitter\nDiscord Channel - https://discord.gg/cAgPKfAPnd Community Exam Guide - https://docs.google.com/document/d/1k5bo1HuDXVVYckb_lv1irkdPzR2xhL1O-iRxE5HIRxA/edit?usp=sharing Blog covering the recordings - https://blogs.vmware.com/code/2025/02/13/join-the-vmware-code-vcp-vcf-study-group/\nPrepare physical ESXi Host/Cluster Note:\nDRS must be enabled on the Cluster to run Automated VMware Cloud Foundation Lab Deployment because it is required to create a vApp that contain the lab VMs.\nvSwitch0 has all security to \u0026quot;refused\u0026quot; and MTU 1500\nvSwitch1 has all security to \u0026quot;accept\u0026quot; and MTU 9000\nvcf-dc1 a windows 2019 act as DNS server with single vNIC\nVyos-a act has - TOR (Top Of Rack) L3Switch/Router - and serve NTP on VCF VM VLAN 10 and ESXi VLAN 11 Networks with reverse DNS\nassuming\nvswitch0 or VDS already created with uplink vmnic0\nwith portgroup 'VM Network' with access to internet\nthe following is using Standard vSwitch because the goal was to allow VCF to run on 2 Nested ESXi with 52GB each on a 128GB of RAM physical ESXi host\nCreate new vSwitch1\nMTU 9000\nAdd an uplink vmnic1\nPortgroup 'VMTRUNK'\nVLAN 4095\nAdd networking\nCreate a second portgroup '101010-Network'\nVLAN 10\nEdit vSwitch1 Enable promiscuous mode\nssh to the Physical ESXi and prevent Duplicate packets with this command:\nesxcli system settings advanced set -o /Net/ReversePathFwdCheckPromisc -i 1\nDeploy and Configure Vyos router download Vyos 1.3 iso\ncreate a vm debian 64bit 1cpu 1gb ram 2vNIC\nPhysical ESXi host VM Network on both vNIC\nboot\nlogin\nvyos\nvyos\nsudo loadkeys fr #your country code keymap if different that us\ninstall image\n[Enter] everytime\nor Yes to confirm if needed\nVyos new password twice\n1config 2set interface ethernet eth0 address 192.168.1.253/24 3set protocols static routing 0.0.0.0/0 next-hop #your default gateway to internet 4set service ssh 5commit 6save shutdown\ndeconnect CDROM from Vyos VM and from the ESXi Host if any\nconnect Vyos vm 1st vNIC to portgroup 'VM Network' #access to internet\nconnect Vyos vm 2nd vNIC to portgroup 'VMTRUNK'\nConfigure Vyos Interfaces ssh Vyos 1config 2set interfaces ethernet eth0 ipv6 address no-default-link-local 3set interfaces ethernet eth1 ipv6 address no-default-link-local 4set interfaces ethernet eth1 mtu \u0026#39;9000\u0026#39; 5set interfaces ethernet eth1 vif 10 address \u0026#39;10.10.10.1/24\u0026#39; 6set interfaces ethernet eth1 vif 10 description \u0026#39;VLAN 10 for VM MGMT\u0026#39; 7set interfaces ethernet eth1 vif 10 ipv6 address no-default-link-local 8set interfaces ethernet eth1 vif 10 mtu \u0026#39;1500\u0026#39; 9set interfaces ethernet eth1 vif 11 address \u0026#39;10.10.11.1/24\u0026#39; 10set interfaces ethernet eth1 vif 11 description \u0026#39;VLAN 11 for ESXi MGMT\u0026#39; 11set interfaces ethernet eth1 vif 11 ipv6 address no-default-link-local 12set interfaces ethernet eth1 vif 11 mtu \u0026#39;1500\u0026#39; 13set interfaces ethernet eth1 vif 12 address \u0026#39;10.10.12.1/24\u0026#39; 14set interfaces ethernet eth1 vif 12 description \u0026#39;VLAN 12 for VMOTION\u0026#39; 15set interfaces ethernet eth1 vif 12 ipv6 address no-default-link-local 16set interfaces ethernet eth1 vif 12 mtu \u0026#39;9000\u0026#39; 17set interfaces ethernet eth1 vif 13 address \u0026#39;10.10.13.1/24\u0026#39; 18set interfaces ethernet eth1 vif 13 description \u0026#39;VLAN 13 for VSAN\u0026#39; 19set interfaces ethernet eth1 vif 13 ipv6 address no-default-link-local 20set interfaces ethernet eth1 vif 13 mtu \u0026#39;9000\u0026#39; 21set interfaces ethernet eth1 vif 14 address \u0026#39;10.10.14.1/24\u0026#39; 22set interfaces ethernet eth1 vif 14 description \u0026#39;VLAN 14 for HOST VTEP\u0026#39; 23set interfaces ethernet eth1 vif 14 ipv6 address no-default-link-local 24set interfaces ethernet eth1 vif 14 mtu \u0026#39;9000\u0026#39; Configure Vyos NAT 1set nat source rule 10 outbound-interface \u0026#39;eth0\u0026#39; 2set nat source rule 10 source address \u0026#39;10.10.10.0/24\u0026#39; 3set nat source rule 10 translation address \u0026#39;masquerade\u0026#39; 4set nat source rule 11 outbound-interface \u0026#39;eth0\u0026#39; 5set nat source rule 11 source address \u0026#39;10.10.11.0/24\u0026#39; 6set nat source rule 11 translation address \u0026#39;masquerade\u0026#39; Configure Vyos DNS Forwarding 1set service dns forwarding allow-from \u0026#39;127.0.0.0/8\u0026#39; 2set service dns forwarding allow-from 169.254.0.0/16 3set service dns forwarding allow-from \u0026#39;10.0.0.0/8\u0026#39; 4set service dns forwarding allow-from \u0026#39;172.16.0.0/12\u0026#39; 5set service dns forwarding allow-from \u0026#39;192.168.0.0/16\u0026#39; 6set service dns forwarding domain 10.10.10.in-addr.arpa. server \u0026#39;192.168.1.100\u0026#39; 7set service dns forwarding domain 11.10.10.in-addr.arpa. server \u0026#39;192.168.1.100\u0026#39; 8set service dns forwarding domain abidi.systems server \u0026#39;192.168.1.100\u0026#39; 9set service dns forwarding listen-address \u0026#39;10.10.10.1\u0026#39; 10set service dns forwarding listen-address \u0026#39;10.10.11.1\u0026#39; 11set service dns forwarding listen-address \u0026#39;192.168.1.253\u0026#39; 12set service dns forwarding name-server \u0026#39;192.168.1.100\u0026#39; Configure Vyos Hostname (could be ntp and then make FQDN as ntp.your.domain like in VCF Planning Workbook Prerequisite) 1set system host-name Vyos-a In your DNS Server ADD Vyos A/PTR entry, before that create DNS reverse lookup zone for the subnet if not already done\nConfigure Vyos DNS Server 1set system name-server \u0026#39;192.168.1.100\u0026#39; Configure Vyos NTP 1set system ntp allow-clients address \u0026#39;127.0.0.0/8\u0026#39; 2set system ntp allow-clients address \u0026#39;169.254.0.0/16\u0026#39; 3set system ntp allow-clients address \u0026#39;10.0.0.0/8\u0026#39; 4set system ntp allow-clients address \u0026#39;172.16.0.0/12\u0026#39; 5set system ntp allow-clients address \u0026#39;192.168.0.0/16\u0026#39; 6set system ntp allow-clients address \u0026#39;::1/128\u0026#39; 7set system ntp allow-clients address \u0026#39;fe80::/10\u0026#39; 8set system ntp allow-clients address \u0026#39;fc00::/7\u0026#39; 9set system ntp interface \u0026#39;eth1.10\u0026#39; 10set system ntp interface \u0026#39;eth1.11\u0026#39; 11set system ntp listen-address \u0026#39;192.168.1.253\u0026#39; 12set system ntp server pool.ntp.org Create DNS Reverse Lookup Zone fo each subnets first (for PTR records) then Create DNS Forward lookup Hosts A records entry Configure Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan Download Vlan commit Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan sample-vcf-mgmt-variables.ps1 $VMNetwork = \u0026quot;VMTRUNK\u0026quot; #portgroup vlan 4095 on vSwitch or vlan trunking (10-14) on VDS (Vlan Guest Tagging VGT = Trunk, the guest are NestedEsxi VMs with VMKernel VLAN VMK0)\non Virtual Switch with MTU 9000 on physical ESXi/Cluster not shown here, with promiscuous mode enabled and prevent duplicate packets with following\nesxcli system settings advanced set -o /Net/ReversePathFwdCheckPromisc -i 1\n$CBVMNetwork = \u0026quot;101010-Network\u0026quot; #portgroup vlan $NestedVMNetworkVLanId (10) because CB OVA doesn't expose $ovfconfig.common.guestinfo.vlan, no VGT but Virtual Switch Tagging VST = Access,\non same on Virtual Switch\nBecause VM and NestedEsxi use there own vlan, they need an interface vlan gateway on a virtual or physical upstream top of rack (tor L3switch/router Vyos in this case)\n$VMGateway = \u0026quot;10.10.10.1\u0026quot; #interface vlan for $NestedVmManagementNetworkCidr on upstream tor (Vyos)\n$vmk0Gateway = \u0026quot;10.10.11.1\u0026quot; #interface vlan for $NestedESXiManagementNetworkCidr on upstream tor (Vyos)\n$VMNTP = \u0026quot;192.168.1.253\u0026quot; #upstream tor Vyos 1.3.x because ntpd allowed multiple \u0026quot;interface\u0026quot; (like 1.10 for VM and 1.11 for ESXi) but it migrated to chrony Vyos 1.4 which support listening only a single interface\nNTP \u0026quot;listen address/fqdn\u0026quot; (DNS A/PTR records required), example: A FQDN Vyos-a.abidi.systems \u0026lt;-\u0026gt; IP 192.168.1.253 / PTR FQDN 253.1.168.192.in-addr.arpa \u0026lt;-\u0026gt; Hostname Vyos-a.abidi.systems.),\nto upstream NTP server like pool.ntp.org\nBecause to run less than 4 VSAN nodes (not supported), we needed to add this in the resulting json\n$hostFailuresToTolerate = 0 #1 default value for required 4 VSAN Ready Nodes\n$CloudbuilderIP = \u0026quot;10.10.10.180\u0026quot; #must be on same subnet as $NestedVmManagementNetworkCidr (10.10.10.0/24)\nuncomment for default VCF required 4 VSAN Ready Nodes\n1**$NestedESXiHostnameToIPsForManagementDomain** = @{ 2\t\u0026#34;vcf-m01-esx01\u0026#34; = \u0026#34;10.10.11.185\u0026#34; 3\t\u0026#34;vcf-m01-esx02\u0026#34; = \u0026#34;10.10.11.186\u0026#34; 4\t#\u0026#34;vcf-m01-esx03\u0026#34; = \u0026#34;10.10.11.187\u0026#34; 5\t#\u0026#34;vcf-m01-esx04\u0026#34; = \u0026#34;10.10.11.188\u0026#34; 6} $NestedESXiMGMTvCPU = \u0026quot;8\u0026quot; #12 default value\n$NestedESXiMGMTvMEM = \u0026quot;52\u0026quot; #GB #96 default value, going below 52GB would get memory issue during NSX host prepartion on VLCM images based Cluster\nBecause VM has there own network\n$NestedVmManagementNetworkCidr = \u0026quot;10.10.10.0/24\u0026quot; #gateway editable here $VMGateway (10.10.10.1)\nBecause Host has there own networks\n$NestedESXiManagementNetworkCidr = \u0026quot;10.10.11.0/24\u0026quot; #gateway editable here $vmk0Gateway (10.10.11.1)\n$NestedESXivMotionNetworkCidr = \u0026quot;10.10.12.0/24\u0026quot; #gateway not editable here also is .1 $esxivMotionGateway (10.10.12.1) on upstream tor (Vyos eth1.12)\n$NestedESXivSANNetworkCidr = \u0026quot;10.10.13.0/24\u0026quot; #gateway not editable here also is .1 $esxivSANGateway (10.10.13.1) on upstream tor (Vyos eth1.13)\n$NestedESXiNSXTepNetworkCidr = \u0026quot;10.10.14.0/24\u0026quot; #gateway not editable here also is .1 $esxiNSXTepGateway (10.10.14.1) on upstream tor (Vyos eth1.14)\nBecause every networks has there own vlan\n$NestedVMNetworkVLanId = \u0026quot;10\u0026quot;\n$vmk0VLanId = \u0026quot;11\u0026quot;\n$vmotionVLanId = \u0026quot;12\u0026quot;\n$vsanVLanId = \u0026quot;13\u0026quot;\n$HostTepVLanId = \u0026quot;14\u0026quot;\nvcf-automated-lab-deployment.ps1 Because we want to set vlan on NestedEsxi (VM Network vlan 10)\n$setVLanId = 1\nBecause Wld is not supported yet on this commit\n$deployNestedESXiVMsForWLD = 0\nBecause to run less than 4 VSAN nodes (not officially supported but working for lab), to SSH into Cloud Builder to reconfigure the size of the Cluster as steps described above\n$startVCFBringup = 0\nNot applicable in current commit\n$generateWldHostCommissionJson = 0\nNot enabled\n$uploadVCFNotifyScript = 0\nThe resulting deployment variables should look like this:\n$preCheck = 1\n$confirmDeployment = 1\n$deployNestedESXiVMsForMgmt = 1\n$setVLanId = 1\n$deployNestedESXiVMsForWLD = 0\n$deployCloudBuilder = 1\n$moveVMsIntovApp = 1\n$generateMgmJson = 1\n$startVCFBringup = 0\n$generateWldHostCommissionJson = 0\n$uploadVCFNotifyScript = 0\nMoved start time after the deployment is confirmed with the Y to be more accruate\n$StartTime = Get-Date\nThe new syntaxe to start the deployment script with the variables file use the argument -EnvConfigFile which you found by typing - then tab completion. 1.\\vcf-automated-lab-deployment.ps1 -EnvConfigFile .\\sample-vcf-mgmt-variables.ps1 Because to run less than 4 VSAN nodes (not supported), after deployment 15min or so, tweak the VCF mgmt cluster minimum size as following steps and follow the vcf-bringup-debug.log\n- ssh Cloud Builder as admin\n- su - $CloudbuilderRootPassword\n- echo \u0026quot;bringup.mgmt.cluster.minimum.size=1\u0026quot; \u0026gt;\u0026gt; /etc/vmware/vcf/bringup/application.properties\n- systemctl restart vcf-bringup.service - tail -f /opt/vmware/bringup/logs/vcf-bringup-debug.log\n- wait a minute to begin SDDC deployment on Cloud Builder UI\nVMware Cloud Builder mystere NTP warnings explanations: It can also be confirmed in the debug log that CB try both forward and reverse DNS resolution: At this point can safely shudown Cloud Builder VM and move it out of the lab vApp.\nVMware Cloud Foundation Setup Guide - Plan Upgrade sddcm/sddc-manager01.png\nsddcm/sddc-manager01.png\nsddcm/sddc-manager02-dashboard.png\nsddcm/sddc-manager02-dashboard.png\nsddcm/sddc-manager03 workload domains.png\nsddcm/sddc-manager03 workload domains.png\nsddcm/sddc-manager04 workload domains mgmt domain.png\nsddcm/sddc-manager04 workload domains mgmt domain.png\nsddcm/sddc-manager05 workload domains mgmt domain cluster.png\nsddcm/sddc-manager05 workload domains mgmt domain cluster.png\nsddcm/sddc-manager06 workload domains mgmt domain cluster networks.png\nsddcm/sddc-manager06 workload domains mgmt domain cluster networks.png\nsddcm/sddc-manager07 lcm release versions.png\nsddcm/sddc-manager07 lcm release versions.png\nsddcm/sddc-manager08 workload domains mgmt updates to view authorise vmware customer connect.png\nsddcm/sddc-manager08 workload domains mgmt updates to view authorise vmware customer connect.png\nsddcm/sddc-manager09 online depot - vmware customer connect - same vmware by broadcom support credential.png\nsddcm/sddc-manager09 online depot - vmware customer connect - same vmware by broadcom support credential.png\nsddcm/sddc-manager10 online depot - vmware customer connect - email login vmware by broadcom support.png\nsddcm/sddc-manager10 online depot - vmware customer connect - email login vmware by broadcom support.png\nsddcm/sddc-manager11 lcm bundle management populated after online depot authorized.png\nsddcm/sddc-manager11 lcm bundle management populated after online depot authorized.png\nsddcm/sddc-manager12 workload domains mgmt updates - after bundles populated.png\nsddcm/sddc-manager12 workload domains mgmt updates - after bundles populated.png\nNext we will do deployment of Edge Cluster, AVNs, and Aria Lifecycle on X Region Here a post on how to use Planning Workbook, Configure VLANs, DNS, NTP, BGP and Deploy VMware NSX Edge Cluster via VCF API with minimal resources\nStay tuned and join the zoom meeting VCP-VCF Administrator Exam Study Groups mentioned above You can sign up for the remaining study groups at https://broadcom.zoom.us/meeting/register/jqEifVifQc-w6O1ZqbGydw#/registration?utm_medium=CMTYsocial\u0026amp;utm_source=CMTYTwitter\nDiscord Channel - https://discord.gg/cAgPKfAPnd Community Exam Guide - https://docs.google.com/document/d/1k5bo1HuDXVVYckb_lv1irkdPzR2xhL1O-iRxE5HIRxA/edit?usp=sharing Blog covering the recordings - https://blogs.vmware.com/code/2025/02/13/join-the-vmware-code-vcp-vcf-study-group/\n","link":"https://strivevirtually.net/post/automated-vmware-cloud-foundation-lab-deployment-branch-fork-vlan/","section":"post","tags":["LAB","AUTOMATION","VCENTER","ESXI","NESTED ESXI","CLOUD BUILDER","SDDC MANAGER","VCF","NSX-T","VCP-VCF","VCF MANAGEMENT WORKLOAD DOMAIN","VCF PLANNING AND PREPARATION WORKBOOK","NSX REFERENCE DESIGN GUIDE","VYOS","VLAN","DNS","NTP"],"title":"**Automated VMware Cloud Foundation Lab Deployment Branch Fork Vlan Management Domain**"},{"body":"Find me Here along all the vEXPERT around the Globe https://vexpert.vmware.com/directory/10999 ","link":"https://strivevirtually.net/post/honored-to-be-part-of-the-vmware-vexpert-community-in-2025-again-/","section":"post","tags":["vEXPERT"],"title":"**Honored to be part of the VMware by Broadcom vEXPERT community in 2025 again !**"},{"body":"Lab Tutorial: Deploy and Convert vSphere 2 Nodes vLCM on NFS to VCF Management Domain with NSX Deployment on the new VCF Management Domain Considerations Before Converting or Importing Existing vSphere Environments into VMware Cloud Foundation\n21/01/2025 Updated to VCF 5.2.1.1 Bill Of Software Materials Nested ESXi 8.0u3b OVA on Flings\nVMware vCenter Server 8.0U3c - 10/09/2024 but you are advised to use the latest solutions VMware vCenter Server 8.0U3d - 10/21/2024\nVCF Drivers and Tools\nVCF-SDDC-Manager-Appliance-5.2.1.1-24397777.ova (4.44 GB) - Dec 12, 2024\nVCF Import Tool 5.2.1.2 vcf-brownfield-import-5.2.1.2-24494579.tar.gz (9.16 MB) Jan 21, \\2025\nVMware Software Install Bundle - NSX_T_MANAGER 4.2.1.0 bundle-133764.zip (11.3 GB) Oct 09, \\2024\nOnce these are downloaded even \u0026quot;without\u0026quot; a Site ID account, you're ready to begin.\nVCF Import Tool 5.2.1.2 convert of vsphere to VCF 5.2.1.1 Management Domain and deploy NSX as mandatory for the Management Domain.\nHere I will walk you through the Lab as I experienced it with minimal resources because CPU RAM DISK must be increased more like that:\n1# Nested ESXi VM Resources 2$NestedESXivCPU = \u0026#34;6\u0026#34; 3$NestedESXivMEM = \u0026#34;46\u0026#34; #GB 4$NestedESXiCachingvDisk = \u0026#34;8\u0026#34; #GB 5$NestedESXiCapacityvDisk = \u0026#34;500\u0026#34; #GB Since we're doing NFS it doesn't matter for the $NestedESXiCapacityvDisk,\nbut be sure to have 2TB capacity on NFS.\nIf you're short on free resources like i was at time of labbing,\nyou can enable compression which will reduce \\10 folds around 200GB (at price of performance),\nI did try without compression, you can expect 1.4GB/s write I/O and 700MB/s write on disk. I just received a new NVMe PCIe 4.0, i'll update without compression.\nSetup NFS server on windows and setup vyos and networking on the physical ESXi host then mount NFS datasore with vmknic binding to confirm connectivity For the prupose of this nested lab, we are using a portgroup with VLAN 4095,\nthat is trunking and letting the Guest OS VM strip the VLAN tag themselves instead of vSwitch doing the stripping,\nthat is known Vlan Guest Tagging or VGT for short, be aware not to use VLAN 4095 in Production as it is a finding since ESX 3 In our case, since our vms on vlan 33 share a portgroup is \u0026quot;NFS-OUTER\u0026quot; that is not doing the vlan tag stripping, so that the nested esxi have there vmkernel vlan\nNFS Outer switch - vmk1 vlan 33 172.17.33.3 - NFS-OUTER trunk pg vlan 4095 (nested vmnic1 VSS - vmnic3 VDS - vyos router interface vlan 33 and nat - nfs server dedicated vm nic vlan 33)\nNFS Outer switch - vmk1 vlan 33 172.17.33.3 - NFS-OUTER trunk pg vlan 4095 (nested vmnic1 VSS - vmnic3 VDS - vyos router interface vlan 33 and nat - nfs server dedicated vm nic vlan 33) vyos - svi vlan 33 172.17.33.1\nvyos - svi vlan 33 172.17.33.1 Windows NFS server second interface vlan 33 172.17.33.2\nWindows NFS server second interface vlan 33 172.17.33.2 mtu 9014\nmtu 9014 Windows NFS Share - Quick (NFS 3)\nWindows NFS Share - Quick (NFS 3) The commit that generate NSX json spec and VCF import tool command is here:\nLink Github Script NFS branch fork Expected Timings Overall 2h and more than 20min with SDDC Manager Import Tool for a brownfield compared to 2h with Cloud Builder for a greenfield!\nProcess Location Estimated Time Deploy ESXi vCenter \u0026amp; SDDCM Workstation PowerCLI 1 Hour or 2 Scp NSX Bundle to SDDCM Workstation PowerCLI 10 min or 20 Convert to VCF Mgmt Domain SDDCM VCF Import Tool 2 min Extract the bundle zip SDDCM VCF Import Tool 10 min Validates and Upload Bundle SDDCM VCF Import Tool 29 min or 1 hour Deploy NSX OVA SDDCM VCF Import Tool 31 min Install and Configure SDDCM VCF Import Tool + UI variable Deploy vSphere and SDDC Manager and copy NSX Bundle to SDDC Manager The default variables with NFS are the following:\n1$preCheck = 1 2$confirmDeployment = 1 3$deployNestedESXiVMs = 1 4$moveVMsIntovApp = 1 5$setupNFSforNestedESXiVMs = 1 6$bootStrapFirstNestedESXiVM = 0 7$deployVCSA = 1 8$setupNewVC = 1 9$addESXiHostsToVC = 1 10$EnableVLCM = 1 11$configureVSANDiskGroup = 0 12$setupVsanStoragePolicy = 0 13$configureVDS = 1 14$migrateVMstoVDS = 1 15$migrateVmkernelToVDS = 1 16$removeVSS = 1 17$finalCleanUp = 1 18$deploySDDCManager = 1 19$pinningVCSDDCMvm = 1 20$uploadVCFImportTool = 1 21$generateNsxSpecJson = 1 22$uploadNSXBundlePath = 1 23$generateVCFImportConvertCommand = 1 Few things added to the script:\n$vLCMversion \u0026quot;8.0 U3c - 24414501\u0026quot; # Minimum \u0026quot;8.0 U3b - 24280767\u0026quot; # NFS configurations\n$NestedESXiNFSkernelIPs\n$NfsHost = \u0026quot;172.17.33.2\u0026quot; NFS Server on same network subnet as $NestedESXiNFSkernelIPs\n$NfsVmk1VlanId = 33\n$NfsVlanId = 4095\n$NfsDatastoreName = \u0026quot;NFS-Datastore\u0026quot;\n$NfsDatastorePath = \u0026quot;/NFS\u0026quot;\n$NFSNetwork = \u0026quot;NFS-OUTER\u0026quot; # Portgroup vlan 4095 must exist on the physical ESXi host on vSwitch with mtu 9000 and vmkernel (172.17.33.3) on same range as $NfsHost\n$NewVCNfsPortgroupName = \u0026quot;DVPG-Nfs-Network\u0026quot;\n$NFSMTU = 9000\n$configureVDS #Note VSS will be removed\n1 # vmnic0 = Management on VSS 2 # vmnic1 = Nfs on VSS 3 # vmnic2 = Management on VDS (uplink1) 4 # vmnic3 = Nfs on VDS (uplink2) $pinningVCSDDCMvm Pinning $VCSADisplayName and $SddcManagerDisplayName to nestedEsxi 02 so that NSX deploy happen on NestedEsxi 01 without delay (Note This create warnings in the guardrails)\n$NsxFormFactor (this is useful if you have more than 128GB of RAM, set it to \u0026quot;medium\u0026quot;, this avoid NSX lack of resources during firstboot and Host preparation) Note: I used a third alternative, setting it to \u0026quot;small\u0026quot; then stopping NSX to remove reservation and give the correct CPU and Memory resources. (Athough this break SDDC Manager Tasks and Tasks have to be restarted by hitting the \u0026quot;Restart Task\u0026quot; button on the UI, this allow more people with less resources to get VCF hands-on starting from vSphere.) $NSXBundlePath NSX 4.2.1.0 Bundle Path to the bundle.zip\n$NsxSpecJsonPath NSX Spec Json Path should exist, it is where the file will be generated\n1$NSXBundlePath = \u0026#34;/root/bundle-133764.zip\u0026#34; 2$NsxSpecJsonPath = \u0026#34;/root/nsx-deployment-spec.json\u0026#34; Although we will deploy a Single node NSX Cluster, the 3 NSX node must have valid dns/reverse dns records, for VCF API does a hard check on it. 1$NSXClusterVipHostname = \u0026#34;$VCFManagementDomainName-nsxm-vip\u0026#34; 2$NSXClusterVip = \u0026#34;172.17.31.95\u0026#34; 3$NSXManagerNode1Hostname = \u0026#34;$VCFManagementDomainName-nsxm-1\u0026#34; 4$NSXManagerNode1IP = \u0026#34;172.17.31.96\u0026#34; 5$NSXManagerNode2Hostname = \u0026#34;$VCFManagementDomainName-nsxm-2\u0026#34; 6$NSXManagerNode2IP = \u0026#34;172.17.31.97\u0026#34; 7$NSXManagerNode3Hostname = \u0026#34;$VCFManagementDomainName-nsxm-3\u0026#34; 8$NSXManagerNode3IP = \u0026#34;172.17.31.98\u0026#34; Note 1: the secure copy will ask for the SDDC Manager password, have it handy!\nNote 2: the script will add into your ~/.ssh/known_hosts sddcm ssh key, so delete the line if you have to run the script more than once!\nNote 3: having VCF Import Tool validation ERROR because of FQDN was longer than 6 characters, I recommend using equal or less than 6 characters for Top Level Domain (TLD).\nNote 4 [UPDATED!]: added --auto-proceed to not let the VCF Import Tool pause the deployment workflow that propose doing 2 things: 1 snapshot SDDCM, 2 say yes or no to proceed NSX Deployment. Without --auto-proceed if you say no, the NSX bundle upload task is successful.\nNote 1: I used here an ip scheme slightly different than the script.\nThe default log file in the script directory is named vcf-import-lab-deployment.log\nNote 2: Be sure to delete any previous deployment entry sddcm is in your ~/.ssh/known_hosts\nNote 3: Prepare the password for SDDC Manager because SCP will ask for it\nI said these two piece of info twice in case you missed it, but in case the script stop while doing the SCP to SDDC Manager, no sweat you always restart it only like this:\n1$preCheck = 1 2$confirmDeployment = 1 3$deployNestedESXiVMs = 0 4$moveVMsIntovApp = 0 5$setupNFSforNestedESXiVMs = 0 6$bootStrapFirstNestedESXiVM = 0 7$deployVCSA = 0 8$setupNewVC = 0 9$addESXiHostsToVC = 0 10$EnableVLCM = 0 11$configureVSANDiskGroup = 0 12$setupVsanStoragePolicy = 0 13$configureVDS = 0 14$migrateVMstoVDS = 0 15$migrateVmkernelToVDS = 0 16$removeVSS = 0 17$finalCleanUp = 0 18$deploySDDCManager = 0 19$pinningVCSDDCMvm = 0 20$uploadVCFImportTool = 0 21$generateNsxSpecJson = 0 22$uploadNSXBundlePath = 1 23$generateVCFImportConvertCommand = 1 In the previous execution we can see right after Password, Connection closed, the right click to past the password didn't occur correctly, so we have to relaunch the script with variables above.\nConvert vSphere Cluster to VMware Cloud Foundation Management 5.2.1.2 Domain and Deploy NSX 4.2.1.0 Once the depoyment is complete after an Hour or so, as instructed in the log of the script: SSH to SDDC Manager using 'vcf' account and run the following command in VCF Import Tool Directory, but before that let's resize NSX Cluster from 3 to 1 node.\nPrepare SDDC Manager to deploy a Single node NSX Cluster:\nSSH as vcf and then change to root\nEnter the password\nPaste the blob commands from cat to watch with an extra blank line to make it enter\nWait for the Memory to become steady\nCtrl+C to exit the watch\nexit to return to vcf account\n1su - 2 3cat \u0026gt;\u0026gt; /etc/vmware/vcf/domainmanager/application-prod.properties \u0026lt;\u0026lt; EOF 4nsxt.manager.cluster.size=1 5nsxt.manager.wait.minutes=120 6EOF 7 8systemctl restart domainmanager.service 9 10watch \u0026#39;systemctl status domainmanager.service\u0026#39; Open a second ssh windows to sddc manager follow the log\ntail -f /var/log/vmware/vcf/domainmanager/domainmanager.log Shutdown NSX on firstboot to tweak resources Operation Fail to power on NSX Services at various step (in my case it fail during starting of File Integrity service and ssh wasn't started).\nShutdown NSX small\nIncrease CPU 4 to 6 and RAM 16 to 20 GB\nDecrease both reservations to 0.\nTips / Lessons Learn on powering up NSX small is that it require 20 Ghz, if we do the math 20 / 6 = 3.33 Ghz per core, now if you CPU doesn't have at least 3.33 Ghz you have two solutions\nFor homelab if you don't mind noise you can overclock your CPU ratio ( in my case i've done from 31 to 35 ) with bus typically of 100 Mhz you will endup with 3500Mhz\nFor Enterprise if you want Design requirement / justification to buy the hardware for the POC before Production\nPrefer to use SDDCM UI RESTART TASK button. If the UI don't launch then use VCF Import Tool to retry the operation, it will prompt to confirm \u0026quot;yes\u0026quot; to retry.\nLog in NSX to follow the host preparation In this case there was no errors\nAt this point the convert should have competed successfully Let's look at the second tab of sddcm where we were following domainmanager.log that should not have timedout.\nThe SDDC Manager UI wasn't aware of the completion.\nNow we have to two option: either restart the vm or restart all the services.\nFor the latter there is a shell script to restart all services located here:\n1/opt/vmware/vcf/operationsmanager/scripts/cli/sddcmanager_restart_services.sh All green VCF 5.2.1.1 imported Management Domain completed successfully with NSX ","link":"https://strivevirtually.net/post/automated-vmware-cloud-foundation-vcf-5.2.1.1-import-lab--2-nodes-on-nfs-with-nsx-deployment-script/","section":"post","tags":["LAB","AUTOMATION","VCENTER","ESXI","NESTED ESXI","NFS","SDDC MANAGER","VCF","NSX-T","VMware Explore"],"title":"**Automated VMware Cloud Foundation (VCF) 5.2.1.2 Import Lab 2 nodes on NFS With NSX Deployment Script**"},{"body":"Lab Tutorial: Deploy and Convert vSphere to VCF Management Domain with NSX Deployment on the new VCF Management Domain Thought: VCF Import Tool 5.2.1.0 first release as been superseded by the new complely revamped in 5.2.1.1 and now 5.2.1.2 to the point where the previous release download are no more available,\nthere is still SDDC Manager 5.2.1.0 OVA available for download but,\nthere is a new SDDC Manager 5.2.1.1 OVA available as well, and from this very informative page on Considerations Before Converting or Importing Existing vSphere Environments into VMware Cloud Foundation we learn that both VCF Import Tool 5.2.1.2 and SDDC Manager 5.2.1.1 works best toghether.\nAmongst the new things i've noted two, you can now have a single VDS shared with all Clusters as this feature was previously asked on https://vcf.ideas.aha.io/ideas/VCF-I-977 Brownfield ingestion: Multi-cluster / shared VDS\nAnd also there is link to To manually enable virtual networking for a converted/imported workload domain that is NSX Overlay (Maybe that could be automated as well as Day-N operations).\nThese two pieces of informations combined (Clusters with shared VDS and NSX Overlay) made me think Yay!\nThis could allow Kubernetes supervisor cluster on 3 vsphere zone using 1 VDS 1 Datacenter\nCan the three zone supervisor based on vsphere zones be implemented on VCF like previously blog tutorial and doc ?\nThe answer is no unfortunetly it is not supported,\nsee in the same page the other very informative table for decision making \u0026quot;Configuration Support by Domain Type\u0026quot; at line \u0026quot;WCP Enabled clusters\u0026quot;.\nClosing Thought: Maybe that configuration will be supported in the futur, if you need it, feel free leave the idea in https://vcf.ideas.aha.io/ideas/ you never know the feature may get implemented as well. 21/01/2025 Updated to VCF 5.2.1.1 Bill Of Software Materials Nested ESXi 8.0u3b OVA on Flings\nVMware vCenter Server 8.0U3c - 10/09/2024 but you are advised to use the latest solutions VMware vCenter Server 8.0U3d - 10/21/2024\nVCF Drivers and Tools\nVCF-SDDC-Manager-Appliance-5.2.1.1-24397777.ova (4.44 GB) - Dec 12, 2024\nVCF Import Tool 5.2.1.2 vcf-brownfield-import-5.2.1.2-24494579.tar.gz (9.16 MB) Jan 21, 2025\nVMware Software Install Bundle - NSX_T_MANAGER 4.2.1.0 bundle-133764.zip (11.3 GB) Oct 09, 2024\nOnce these are downloaded even \u0026quot;without\u0026quot; a Site ID account is required to obtain token for download, you're ready to begin.\nVCF Import Tool 5.2.1.2 convert of vsphere to VCF 5.2.1.1 Management Domain and deploy NSX as mandatory for the Management Domain.\nHere I will walk you through the Lab as I experienced it with minimal resources because CPU RAM DISK must be increased more like that:\n1# Nested ESXi VM Resources 2$NestedESXivCPU = \u0026#34;6\u0026#34; 3$NestedESXivMEM = \u0026#34;46\u0026#34; #GB 4$NestedESXiCachingvDisk = \u0026#34;8\u0026#34; #GB 5$NestedESXiCapacityvDisk = \u0026#34;500\u0026#34; #GB For $NestedESXiCapacityvDisk you can probably get away with 300GB but not with 256GB , if you do VCF will complain there's not enough resources for Management Domain.\nThe commit that generate NSX json spec and VCF import tool command is here:\nLink Github Script Merged to Master Repo Expected Timings Overall 2h and more than 20min with SDDC Manager Import Tool for a brownfield compared to 2h with Cloud Builder for a greenfield!\nProcess Location Estimated Time Deploy ESXi vCenter \u0026amp; SDDCM Workstation PowerCLI 1 Hour or 2 Scp NSX Bundle to SDDCM Workstation PowerCLI 10 min or 20 Convert to VCF Mgmt Domain SDDCM VCF Import Tool 2 min Extract the bundle zip SDDCM VCF Import Tool 10 min Validates and Upload Bundle SDDCM VCF Import Tool 29 min or 1 hour Deploy NSX OVA SDDCM VCF Import Tool 31 min Install and Configure SDDCM VCF Import Tool + UI variable Deploy vSphere and SDDC Manager and copy NSX Bundle to SDDC Manager Few things added to the script:\n$StoragePolicyName Named storage policy with hostFailuresToTolerate rule $hostFailuresToTolerate (1 is default, setting it to 0 redundancy avoid unnecessary write in case of single Disk/Physical Node) Note: the vcf import tool has a known issue regarding this and an update of the SDDC Manager database fix it Troubleshooting Guardrail Issues Requiring Manual SDDC Manager Database Updates $NsxFormFactor (this is useful if you have more than 128GB of RAM, set it to \u0026quot;medium\u0026quot;, this avoid NSX lack of resources during firstboot and Host preparation) Note: I used a third alternative, setting it to \u0026quot;small\u0026quot; then stopping NSX to remove reservation and give the correct CPU and Memory resources. (Athough this break SDDC Manager Tasks and Tasks have to be restarted by hitting the \u0026quot;Restart Task\u0026quot; button on the UI, this allow more people with less resources to get VCF hands-on starting from vSphere.) $NSXBundlePath NSX 4.2.1.0 Bundle Path to the bundle.zip\n$NsxSpecJsonPath NSX Spec Json Path should exist, it is where the file will be generated\n1$NSXBundlePath = \u0026#34;/root/bundle-133764.zip\u0026#34; 2$NsxSpecJsonPath = \u0026#34;/root/nsx-deployment-spec.json\u0026#34; Although we will deploy a Single node NSX Cluster, the 3 NSX node must have valid dns/reverse dns records, for VCF API does a hard check on it. 1$NSXClusterVipHostname = \u0026#34;$VCFManagementDomainName-nsxm-vip\u0026#34; 2$NSXClusterVip = \u0026#34;172.17.31.95\u0026#34; 3$NSXManagerNode1Hostname = \u0026#34;$VCFManagementDomainName-nsxm-1\u0026#34; 4$NSXManagerNode1IP = \u0026#34;172.17.31.96\u0026#34; 5$NSXManagerNode2Hostname = \u0026#34;$VCFManagementDomainName-nsxm-2\u0026#34; 6$NSXManagerNode2IP = \u0026#34;172.17.31.97\u0026#34; 7$NSXManagerNode3Hostname = \u0026#34;$VCFManagementDomainName-nsxm-3\u0026#34; 8$NSXManagerNode3IP = \u0026#34;172.17.31.98\u0026#34; Note 1: the secure copy will ask for the SDDC Manager password, have it handy!\nNote 2: the script will add into your ~/.ssh/known_hosts sddcm ssh key, so delete the line if you have to run the script more than once!\nNote 3: having VCF Import Tool validation ERROR because of FQDN was longer than 6 characters, I recommend using equal or less than 6 characters for Top Level Domain (TLD).\nNote 4 [UPDATED!]: added --auto-proceed to not let the VCF Import Tool pause the deployment workflow that propose doing 2 things: 1 snapshot SDDCM, 2 say yes or no to proceed NSX Deployment. Without --auto-proceed if you say no, the NSX bundle upload task is successful.\nNote 1: I used here an ip scheme slightly different than the script.\nThe default log file in the script directory is named vcf-import-lab-deployment.log\nNote 2: Be sure to delete any previous deployment entry sddcm is in your ~/.ssh/known_hosts\nNote 3: Prepare the password for SDDC Manager because SCP will ask for it\nI said these two piece of info twice in case you missed it, but in case the script stop while doing the SCP to SDDC Manager, no sweat you always restart it only like this:\n1$preCheck = 1 2$confirmDeployment = 1 3$deployNestedESXiVMs = 0 4$moveVMsIntovApp = 0 5$bootStrapFirstNestedESXiVM = 0 6$deployVCSA = 0 7$setupNewVC = 0 8$addESXiHostsToVC = 0 9$configureVSANDiskGroup = 0 10$setupVsanStoragePolicy = 0 11$configureVDS = 0 12$migrateVMstoVDS = 0 13$migrateVmkernelToVDS = 0 14$removeVSS = 0 15$finalCleanUp = 0 16$deploySDDCManager = 0 17$uploadVCFImportTool = 0 18$generateNsxSpecJson = 0 19$uploadNSXBundlePath = 1 20$generateVCFImportConvertCommand = 1 Convert vSphere Cluster to VMware Cloud Foundation Management 5.2.1.2 Domain and Deploy NSX 4.2.1.0 Once the depoyment is complete after an Hour or so, as instructed in the log of the script: SSH to SDDC Manager using 'vcf' account and run the following command in VCF Import Tool Directory, but before that let's resize NSX Cluster from 3 to 1 node.\nPrepare SDDC Manager to deploy a Single node NSX Cluster:\nSSH as vcf and then change to root\nEnter the password\nPaste the blob commands from cat to watch with an extra blank line to make it enter\nWait for the Memory to become steady\nCtrl+C to exit the watch\nexit to return to vcf account\n1su - 2 3cat \u0026gt;\u0026gt; /etc/vmware/vcf/domainmanager/application-prod.properties \u0026lt;\u0026lt; EOF 4nsxt.manager.cluster.size=1 5nsxt.manager.wait.minutes=120 6EOF 7 8systemctl restart domainmanager.service 9 10watch \u0026#39;systemctl status domainmanager.service\u0026#39; Open a second ssh windows to sddc manager follow the log\ntail -f /var/log/vmware/vcf/domainmanager/domainmanager.log\nShutdown NSX on firstboot to tweak resources Operation Fail to power on NSX Services at various step (in my case it fail during starting of File Integrity service and ssh wasn't started).\nShutdown NSX small\nIncrease CPU 4 to 6 and RAM 16 to 20 GB\nDecrease both reservations to 0.\nTips / Lessons Learn on powering up NSX small is that it require 20 Ghz, if we do the math 20 / 6 = 3.33 Ghz per core, now if you CPU doesn't have at least 3.33 Ghz you have two solutions\nFor homelab if you don't mind noise you can overclock your CPU ratio ( in my case i've done from 31 to 35 ) with bus typically of 100 Mhz you will endup with 3500Mhz\nFor Enterprise if you want Design requirement / justification to buy the hardware for the POC before Production\nUse SDDCM UI RESTART TASK button. Do NOT use import tool to retry the operation.\nLog in NSX to resolve errors with a button The Subtasks progress and another Subtask Failed later again during\nSubtask \"Enable NSX Security by Configuring VLAN Backed NSX\".\nIn this task NSX Install its bits onto ESXi.\nLogin NSX Manager UI -\u0026gt; System (Menu) -\u0026gt; Fabric -\u0026gt; Hosts -\u0026gt; (Expand) Cluster -\u0026gt; Install Failed -\u0026gt; View Errors\nSelect \u0026amp; Resolve (button)\nAll green VCF 5.2.1.1 imported Management Domain completed successfully with NSX Fix Cluster FTT: The command to fix is documented here Troubleshooting Guardrail Issues Requiring Manual SDDC Manager Database Updates.\n1su - 2Password: 3 4psql -h localhost -U postgres -d platform -c \u0026#34;update cluster set ftt=\u0026#39;0\u0026#39; where name=\u0026#39;Cluster\u0026#39;\u0026#34; After a few seconds SDDC Manager UI update itself without reboot needed.\n","link":"https://strivevirtually.net/post/automated-vmware-cloud-foundation-vcf-5.2.1.1-import-lab-with-nsx-deployment-script/","section":"post","tags":["LAB","AUTOMATION","VCENTER","ESXI","NESTED ESXI","SDDC MANAGER","VCF","NSX-T","VMware Explore"],"title":"**Automated VMware Cloud Foundation (VCF) 5.2.1.2 Import Lab With NSX Deployment Script**"},{"body":"Links to videos and direct download links to supporting presentation slides. VMware Explore US 2024 Breakout Session URLs Direct download links to updated supporting presentation slides VMware Explore EMEA 2024 Breakout Session URLs Watch Community Sessions VMware Explore US Las Vegas 2024 Community Session URLs\nVMware Explore EMEA Barcelona 2024 Community Session URLs\n","link":"https://strivevirtually.net/post/vmware-explore-2024-breakout-session-urls/","section":"post","tags":["VMware Explore"],"title":"**VMware Explore 2024 Breakout Session URLs**"},{"body":"Lab Tutorial in two Steps: 1st Deploy and Convert vSphere to VCF Management Domain, 2nd Deploy NSX on the new VCF Management Domain Bill Of Software Materials Nested ESXi 8.0u3 OVA on Flings\nVMware vCenter Server 8.0U3a - 07/18/2024\nVCF Drivers and Tools\nVCF-SDDC-Manager-Appliance-5.2.0.0-24108943.ova(4.32 GB) - Jul 18, 2024\nVCF Import Tool vcf-brownfield-import-5.2.0.0-24108578.tar.gz(8.28 MB) - Jul 19, 2024\nOnce these are downloaded even \u0026quot;without\u0026quot; a Site ID account,\nHead over William Lam script to Automate the deployment https://williamlam.com/2024/07/automated-vmware-cloud-foundation-vcf-5-2-import-lab-deployment-script.html\nThis is 1 Hour deployment lab with 4 nested vSphere VSAN Self Managed and converted into VCF 5.2 management domain (all default configured resources in the script are enough if you only lab vSphere with VCF)\n1# Nested ESXi VM Resources 2$NestedESXivCPU = \u0026#34;6\u0026#34; 3$NestedESXivMEM = \u0026#34;24\u0026#34; #GB 4$NestedESXiCachingvDisk = \u0026#34;8\u0026#34; #GB 5$NestedESXiCapacityvDisk = \u0026#34;100\u0026#34; #GB VMware Software Install Bundle - NSX_T_MANAGER 4.2.0.0 bundle-124941.zip(11.11 GB) - Jul 23, 2024 VCF Import Tool is able to deploy NSX as Day-N operations (after successful convert of vsphere to VCF Management Domain)\nHere I will walk you through the Lab as I experienced it with minimal resources because CPU RAM DISK must be increased more like that:\n1# Nested ESXi VM Resources 2$NestedESXivCPU = \u0026#34;6\u0026#34; 3$NestedESXivMEM = \u0026#34;46\u0026#34; #GB 4$NestedESXiCachingvDisk = \u0026#34;8\u0026#34; #GB 5$NestedESXiCapacityvDisk = \u0026#34;500\u0026#34; #GB For $NestedESXiCapacityvDisk you can probably get away with 300 but not with 256 , if you do VCF will complain there's not enough resources for Management Domain.\nThe commit that generate NSX json spec and VCF import tool command is here:\nGithub Fork Automated VMware Cloud Foundation Import Lab Deployment Expected Timings Overall 2h and more than 20min with SDDC Manager Import Tool for a brownfield compared to 2h with Cloud Builder for a greenfield!\nProcess Location Estimated Time Deploy ESXi vCenter SDDCM Workstation PowerCLI 1 Hour or 2 Convert to VCF Mgmt Domain SDDCM VCF Import Tool 2 min Scp NSX Bundle to SDDCM Workstation PowerCLI 10 min Extract the bundle zip SDDCM VCF Import Tool 10 min Validates and Upload Bundle SDDCM VCF Import Tool 29 min Deploy NSX OVA SDDCM VCF Import Tool 31 min Install and Configure SDDCM VCF Import Tool + UI variable Step 1: Deploy and Convert vSphere to VCF Management Domain Note 1: I used here an ip scheme slightly different than the script. The default log file in the script directory is named vcf-import-lab-deployment.log\nOnce the depoyment of vSphere is complete after an Hour or so, the next step is very straight forward, having vSphere converted to VCF in less than 2min!\nAs instructed in the log of the script: SSH to SDDC Manager using 'vcf' account and run the following command in VCF Import Tool Directory:\nAt this point we have done VCF Management Domain fully functional \u0026quot;bringup\u0026quot; equivalent to VCF Cloud Builder Green Field but with Brownfield, yet NSX is still not deployed, so it is wise to shutdown the Nested Lab vApp and take a snapshot of the progress.\nStep 2: Deploy NSX on the new VCF Management Domain NSX Bundle Path to the bundle.zip\nNSX Spec Json Path should exist, it is where the file will be generated\n1$NSXBundlePath = \u0026#34;/root/bundle-124941.zip\u0026#34; 2$NsxSpecJsonPath = \u0026#34;/root/nsx-deployment-spec.json\u0026#34; Although we will deploy a Single node NSX Cluster, the 3 NSX node must have valid dns/reverse dns records, for VCF API does a hard check on it. 1$NSXClusterVipHostname = \u0026#34;$VCFManagementDomainName-nsxm-vip\u0026#34; 2$NSXClusterVip = \u0026#34;172.17.31.95\u0026#34; 3$NSXManagerNode1Hostname = \u0026#34;$VCFManagementDomainName-nsxm-1\u0026#34; 4$NSXManagerNode1IP = \u0026#34;172.17.31.96\u0026#34; 5$NSXManagerNode2Hostname = \u0026#34;$VCFManagementDomainName-nsxm-2\u0026#34; 6$NSXManagerNode2IP = \u0026#34;172.17.31.97\u0026#34; 7$NSXManagerNode3Hostname = \u0026#34;$VCFManagementDomainName-nsxm-3\u0026#34; 8$NSXManagerNode3IP = \u0026#34;172.17.31.98\u0026#34; Note 1: the secure copy will ask for the SDDC Manager password, have it handy!\nNote 2: the script will add into your ~/.ssh/known_hosts sddcm ssh key, so delete the line if you have to run the script more than once!\nNote 3: having VCF Import Tool validation ERROR because of FQDN was longer than 6 characters, I recommend using equal or less than 6 characters for Top Level Domain (TLD).\nNote 4 [UPDATED!]: added --auto-proceed to not let the VCF Import Tool pause the deployment workflow that propose doing 2 things: 1 snapshot SDDCM, 2 say yes or no to proceed NSX Deployment, I recommend to shutdown and take snapshot of the whole Lab vApp after the convert operation in Step 1, and doing a snapshot inside the Nested ESXi will only takup disk space. Without --auto-proceed if you say no, the bundle upload task is successful at this point and you can shutdown the Lab vApp snapshot the progress, then power on the Lab vApp and use VCF Import Tool deploy-nsx command generated by Github Fork Automated VMware Cloud Foundation Import Lab Deployment Script. Open a second ssh windows to sddc manager follow the log\ntail -f /var/log/vmware/vcf/domainmanager/domainmanager.log\nPrepare SDDC Manager to deploy a Single node NSX Cluster:\nSSH as vcf and then change to root\nEnter the password\nPaste the blob commands from cat to watch with an extra blank line to make it enter\nWait for the Memory to become steady\nCtrl+C to exit the watch\nexit to return to vcf account\n1su - 2 3cat \u0026gt;\u0026gt; /etc/vmware/vcf/domainmanager/application-prod.properties \u0026lt;\u0026lt; EOF 4nsxt.manager.cluster.size=1 5nsxt.manager.wait.minutes=120 6EOF 7 8systemctl restart domainmanager.service 9 10watch \u0026#39;systemctl status domainmanager.service\u0026#39; Opeation Fail to power on NSX Services at various step (in my case it fail during starting of System Integrity service and ssh wasn't started).\nShutdown NSX small increase CPU 4 to 6 and RAM 16 to 20 GB decrease both reservations to 0.\nTry to ssh admin@$NSXManagerNode1IP from sddcm, if port 22 is not open, enable ssh from the NSX console (remember the keyboard layout is qwerty for the password).\nLogin NSX console and Enable ssh service. vCenter -\u0026gt; NSX VM Console\n1Login: admin 2Password: $SddcManagerAdminPassword 3start service ssh 4set service ssh start-on-boot 5get service ssh SSH NSX as admin account and Get cluster status to check if it is stable.\nget cluster status\nOnce the cluster is stable,\nUse SDDCM UI RESTART TASK button. Do NOT use import tool to retry the operation.\nThe Subtasks progress and another Subtask Failed later again during \u0026quot;Subtask Enable NSX Security by Configuring VLAN Backed NSX\u0026quot;.\nIn this task NSX Install its bits onto ESXi.\nLogin NSX Manager UI -\u0026gt; System (Menu) -\u0026gt; Fabric -\u0026gt; Hosts -\u0026gt; (Expand) Cluster -\u0026gt; Install Failed -\u0026gt; View Errors\nSelect \u0026amp; Resolve (button)\n","link":"https://strivevirtually.net/post/automated-vmware-cloud-foundation-vcf-5.2-import-lab-plus-nsx-deployment-script/","section":"post","tags":["LAB","AUTOMATION","VCENTER","ESXI","NESTED ESXI","SDDC MANAGER","VCF","NSX-T","VMware Explore"],"title":"**Automated VMware Cloud Foundation (VCF) 5.2.0 Import Lab Plus NSX Deployment Script**"},{"body":"Fira Barcelona Gran Via – Hall 8, North Access , Carrer del Foc, 35, Sants-Montjuïc, 08908 , Barcelona, Spain Trip Trip Link Hotels Good Examples of Hotels provided by VMware by Broadcom can be downloaded via this direct link\nHotels Link Metro - Bus L1 is the only Metro Line that cross all the others Metro Line,\nIf you ever get lost, find the Metro Red Line *L1 and you are saved!\nIf you do not plan to have a phone data plane, you can download the Metro and Bus maps right here.\nDownload Metro Map 0.5MB not searchable - Plànol xarxa de Metro.pdf Download Searchable Bus Map 5MB to search by name - Plànol xarxa bus.pdf GoogleEarth view Barcelona Alumini-Foc Bus 79 (3409 From Pl.Espanya) on the left - (3410 To Pl. Espanya) on the right - Explore Hall 8 on the right GoogleEarth view Bus 79 - Alumini Foc (3410 to Pl Espanya) - Hall 8 - North Access - Gran Via Fira - Explore 2024 Plan your Journey Planner by web Planner by app - Download the TMB APP TMB APP - Apple Appstore TMB APP - Google Playstore To go to Explore From Pl. Espanya by Bus Bus 79 3409 From Pl. Espanya To Av. Carrilet Weekdays\nDestination Av. Carrilet: 3409\n05:33 - 06:03 - 06:28 - 06:56 - 07:29 - 07:58 - 08:27 - 08:59\n09:27 - 09:56 - 10:23 - 10:52 - 11:20 - 11:48 - 12:16 - 12:44\n13:12 - 13:40 - 14:08 - 14:37 - 15:05 - 15:33 - 16:02 - 16:32\n16:59 - 17:28 - 17:56 - 18:25 - 18:54 - 19:20 - 19:49 - 20:16\n20:46 - 21:24 - 22:08 - 22:52\nJust a reminder in pic hour, the bus might get packed, like everywhere else in the world.\nGood thing is that taking the bus 3409 at terminus Pl. Espanya,\nyou will have more chance to get a seat,\nas long as you arrive early.\nTo come back To Pl. Espanya: Bus 79 3410 From Av. Carrilet To Pl. Espanya Weekdays\nDestination Pl. Espanya: 3410\n05:47 - 06:17 - 06:45 - 07:14 - 07:44 - 08:14 - 08:44 - 09:14\n09:42 - 10:11 - 10:40 - 11:08 - 11:36 - 12:04 - 12:31 - 12:59\n13:27 - 13:56 - 14:24 - 14:52 - 15:21 - 15:49 - 16:18 - 16:46\n17:14 - 17:43 - 18:12 - 18:40 - 19:09 - 19:37 - 20:05 - 20:33\n21:29 - 22:13\nAdvices It all on how you wanna relax after a day, is it slippling in jacuzzi or diving in swimming pool, or is it having a drink, i would say, just walking on the beach barefoot would be nice at night.\nDepending on your preference, choose your staying accordingly so everything is easy.\nRemember to register, Today 29 July is the last day to take advantage of early bird pricing and save 400€ compare to onsite pricing!\nRegistration Pricing ","link":"https://strivevirtually.net/post/trip-hotels-and-access-guide-in-barcelona-to-explore-2024/","section":"post","tags":["VMware Explore"],"title":"**Trip - Hotels and Access Guide in Barcelona to Explore 2024**"},{"body":"What’s New with VCF Learning Good News yesterday 18 July 2024, in VCF Learning webinar they announced All course offered for FREE for VCF customer's! There is alot of other good news in the video, check this out! Regarding Video Library Courses here's how you go about it: From Broadcom Support, in Education Portal, click on Explore. In the following i recap in images a part of the webinar with the step-by-step watlktrough on how to get Free Full Video Library of VMware by Broadcom Courses. Click and swipe through Fullscreen\nBroadcom Support Education Portal Explore\nBroadcom Support Education Portal Explore 1-VMware-Digital-Entitlement-VCF.png\n1-VMware-Digital-Entitlement-VCF.png 2-VMware-Digital-Entitlement-VCF.png\n2-VMware-Digital-Entitlement-VCF.png 3-VMware-Digital-Entitlement-VCF.png\n3-VMware-Digital-Entitlement-VCF.png 4-On-Demand-Courses.png\n4-On-Demand-Courses.png 5-On-Demand-Courses.png\n5-On-Demand-Courses.png 6-On-Demand-Courses.png\n6-On-Demand-Courses.png 7-Open-Curriculum.png\n7-Open-Curriculum.png 8-Launch.png\n8-Launch.png 9-click here.png\n9-click here.png 10-Launch-this-course-in-a-new-window.png\n10-Launch-this-course-in-a-new-window.png 11-NSX-Operations-and-Troubleshooting-Tools.png\n11-NSX-Operations-and-Troubleshooting-Tools.png 12-NSX-Operations-and-Troubleshooting-Tools.png\n12-NSX-Operations-and-Troubleshooting-Tools.png ","link":"https://strivevirtually.net/post/vcf-learning-announce-course-are-free-for-vcf-customers/","section":"post","tags":["VCF","VMware Digital Entitlement","VMware Explore"],"title":"**VCF Learning announce Course are Free for VCF Customers**"},{"body":"","link":"https://strivevirtually.net/tags/vmware-digital-entitlement/","section":"tags","tags":null,"title":"VMware Digital Entitlement"},{"body":"Las Vegas | August 26 - 29, 2024 - Barcelona | November 4 - 7, 2024 https://www.vmware.com/explore/us - https://www.vmware.com/explore/eu Register Now Explore2024lv - Register Now Explore2024bcn Browse and Schedule your favorites Sessions in the Catalog to save your seat: Explore2024 Las Vegas - Explore2024 Barcelona Top Reasons to Attend Hands-on Labs : That would be one of my favs just to get familliar and to regroup before going in an Explore what VMware by Broadcom has to offers in 2024!\nWith our expert-led workshops, interactive labs, and production-quality VMware TestDrive demos, you'll get hands-on experience with the full VMware by Broadcom portfolio of products. Subject Matter Experts will be available to answer questions and deep dive into innovative solutions.\nCertification Exams : If feel like you have it \u0026quot;Go straight from zero cert to VCAP for half price\u0026quot; as Tim said. I would add with all the emulation of the event it's worth taking the leap!\nYour full event pass registration allows you to purchase VMware Certified Professional (VCP) and VMware Certified Advanced Professional (VCAP) certification exam vouchers at a 50 percent discount (exams must be taken onsite during Explore Barcelona).\nThe Meeting Center : It could be furthering a talk with SME previously had in Hands-on Labs but with Business in mind this time.\nThe Meeting Center offers private meeting rooms for customers and partners to connect with Subject Matter Experts. Contact your Broadcom representative for more information.\nThe Expo : MONDAY, NOVEMBER 4th 2024 at 17:00 – 19:00 at The Expo, Hall 7.0 -\u0026gt; For example talk to Tim Burkard in person, and many other people\nVisit The Expo to explore the latest products and solutions from sponsors and exhibitors. While there, be sure to head to the VMware by Broadcom stand where you can learn more about the latest offerings, attend our in-stand theater presentations, and get your questions answered by product specialists.\nRubrik VMware 2024 Barcelona Party : SUNDAY, NOVEMBER 3rd 2024 at 8PM COYA BARCELONA at the W HOTEL Registration\nCOYA Barcelona at the W Hotel Plaça de la Rosa dels Vents 1, 1st floor Ciutat Vella, 08039 Barcelona (Maps) VMware {code} Hackathon : MONDAY, NOVEMBER 4th 2024 at 19PM at Cahoot Coworking Registration\nCahoot Coworking Calle de Floridablanca 92 Cataluña 08015 (Maps) vRockStar Party : MONDAY, NOVEMBER 4th 2024 at 19PM at Soho House Barcelona\nSoho House Barcelona 4 Plaça del Duc de Medinaceli 08002 Barcelona (Maps)\nExpo Bash\t: WEDNESDAY, NOVEMBER 6th 2024 at 17:00 – 19:00 at The Expo, Hall 7.0\tFull Conference Pass The Party\t: WEDNESDAY, NOVEMBER 6th 2024 at 19:00 – 21:00 at Main Stage, Hall 4.0\tFull Conference Pass Click/Tap and swipe through fullscreen Make your mark at the industry’s essential cloud event. Mingle with peers you know and those you’ve yet to meet\nMake your mark at the industry’s essential cloud event. Mingle with peers you know and those you’ve yet to meet Uncomplicate your cloud. Find guidance on building consistency, resiliency, and innovation—at scale.\nUncomplicate your cloud. Find guidance on building consistency, resiliency, and innovation—at scale. Level up your knowledge and expertise. Access rich technical content, explore products in our hands-on labs, and exchange ideas with your peers.\nLevel up your knowledge and expertise. Access rich technical content, explore products in our hands-on labs, and exchange ideas with your peers. Engage with industry experts and thought leaders. Gain new insights on how to build the right cloud solution for your organization.\nEngage with industry experts and thought leaders. Gain new insights on how to build the right cloud solution for your organization. Do more with new cloud perspectives. Discover what’s possible, from cloud infrastructure to the software-defined edge to Private AI innovation.\nDo more with new cloud perspectives. Discover what’s possible, from cloud infrastructure to the software-defined edge to Private AI innovation. Dive deep into smarter cloud solutions. Modernize your infrastructure, accelerate app development and protect everything, everywhere.\nDive deep into smarter cloud solutions. Modernize your infrastructure, accelerate app development and protect everything, everywhere. ","link":"https://strivevirtually.net/post/vmware-explore-2024-us-las-vegas-venetian-eu-barcelona-fira-gran-via/","section":"post","tags":["VMware Explore"],"title":"**VMware Explore 2024 US Las Vegas Venetian | EU Barcelona Fira Gran Via**"},{"body":"VMware Cloud Foundation 5.2 announcements Technical, vSphere/VSAN 8.0u3 release in General Availability, Cloud Director 10.6 is also GA now part of VCF What VCF? Update BOM VCF 5.2 require vCenter 8.0 U3a\nWhere VCF Edge? How vSphere-to-VCF? Upgrade or Patch Plan Upgrade Independently Upgrade SDDC Manager\nIndependently Upgrade SDDC Manager VCF Upgrade Flexibility\nVCF Upgrade Flexibility Plan Patching Patch Individual Components using SDDC-Manager\nPatch Individual Components using SDDC-Manager Deploy New Async Patched Domains\nDeploy New Async Patched Domains Create an Offline Depot Local Patch Repository\nCreate an Offline Depot Local Patch Repository vSphere Live Patching\nvSphere Live Patching Security and Compliance Identity Federation Support with Microsoft Entra ID Configure a proxy Server with Authentication What it means is that the Offline Depot will previuosly shown in green typically use a customer onpremise proxy server to reach out the online Depot and, that proxy server settings in SDDC-Manager 5.2 enable authentication.\nWhen VCF Release Generally Available as of Today 23/07/2024 Read More Introducing VMware Cloud Foundation 5.2: The Next Step in Private Cloud Modernization Webinar – Transform your Cloud Strategy With VMware Cloud Foundation 5.2 ","link":"https://strivevirtually.net/post/vmware-cloud-foundation-5.2-sddc-manager/","section":"post","tags":["VCF","VMware Explore","Private Cloud Platform"],"title":"**VMware Cloud Foundation 5.2 - SDDC Manager**"},{"body":"Download the full size poster almost 70MB jpeg for the biggest !\nhttps://core.vmware.com/blog/vmware-cloud-foundation-5x-posters\n","link":"https://strivevirtually.net/post/vmware-cloud-foundation-5.1-private-cloud-platform/","section":"post","tags":["VCF","Private Cloud Platform"],"title":"**VMware Cloud Foundation 5.1 Private Cloud Platform**"},{"body":"The product page vmware.com/products/cloud-director.html First download the OVA file, it's 2GB from VMware Customer Connect VMware_Cloud_Director-10.5.1.11019-23401219_OVF10.ova VMware by Broadcom support portal\tVMware_Cloud_Director-10.5.1.11019-23401219_OVF10.ova (Note: Entitlement is needed to be able to download) Prerequisite: NFS Network Path and DNS records Deploy the OVF Template Primary Appliance Setup (VAMI or Virtual Appliance Management Interface is on https://$VCDIP:5480) Add Ressources: vCenter Server from vSphere with Tanzu Supervisor Cluster already deployed Add Ressources: NSX-T Manager already deployed and Create a Geneve backed Network Pool Create Provider VDC backed by vSphere with Tanzu Supervisor Cluster and NSX-T Learn more Step 0 - Prerequisite: NFS Network Path and DNS records Prerequisite: After installing Server for NFS role with quick profile, Create a folder then head over Manage NFS Sharing\nPrerequisite: After installing Server for NFS role with quick profile, Create a folder then head over Manage NFS Sharing Share this folder and leave the default, but click on Permissions\nShare this folder and leave the default, but click on Permissions By default here it is read only and root access disallowed, so we change it\nBy default here it is read only and root access disallowed, so we change it In the drop-down menu Read-Write and clickon Allow root access\nIn the drop-down menu Read-Write and clickon Allow root access Copy the Network Path will be needed\nCopy the Network Path will be needed DNS A record is required\nDNS A record is required DNS PTR record is required\nDNS PTR record is required Step 1 - Deploy the OVF Template Part I - Deploy\nPart I - Deploy In case the OVA tranfert fail with \"OVF descriptor is not available\" Extract the OVA and load the 4 files\nIn case the OVA tranfert fail with \u0026#34;OVF descriptor is not available\u0026#34; Extract the OVA and load the 4 files Here we deploy on the Outer vSphere Mgmt VM-Network and not on the Nested Inner vSphere Lab\nHere we deploy on the Outer vSphere Mgmt VM-Network and not on the Nested Inner vSphere Lab Domain Name here refer to the VM FQDN, Additional Networking Properties is skipped.png\nDomain Name here refer to the VM FQDN, Additional Networking Properties is skipped.png Step 2 - Primary Appliance Setup (VAMI or Virtual Appliance Management Interface is on https://$VCDIP:5480) Part II - Setup\nPart II - Setup Green mark means NFS is OK, vcloud need at least 14 !\nGreen mark means NFS is OK, vcloud need at least 14 ! Here we are all green, clicking on the link\nHere we are all green, clicking on the link We are greeted a gray page\nWe are greeted a gray page After a while it says The resource was not found on this server\nAfter a while it says The resource was not found on this server Looking at the certificate we see that can use the FQDN instead of the IP, let's give a try\nLooking at the certificate we see that can use the FQDN instead of the IP, let\u0026#39;s give a try Success !\nSuccess ! Step 3 - Add Ressources: vCenter Server from vSphere with Tanzu Supervisor Cluster already deployed Part III - Add vCenter Server - vSphere with Tanzu Supervisor Cluster already deployed in previous articles\nPart III - Add vCenter Server - vSphere with Tanzu Supervisor Cluster already deployed in previous articles Here the Common Name is our vCenter so click only on TRUST the SHA-256 fingerprint after verifiying it, not on RETRIEVE\nHere the Common Name is our vCenter so click only on TRUST the SHA-256 fingerprint after verifiying it, not on RETRIEVE Here we turn off this setting because we are using NSX-T and not NSX-V on vCenter Server\nHere we turn off this setting because we are using NSX-T and not NSX-V on vCenter Server Finally we are prompted to TRUST vCenter CA certificate that conclude this part\nFinally we are prompted to TRUST vCenter CA certificate that conclude this part Step 4 - Add Ressources: NSX-T Manager already deployed and Create a Geneve backed Network Pool Part IV - Add NSX-T\nPart IV - Add NSX-T Shortname for the Name, and FQDN for the URL, then TRUST the certificate thumbprint of your NSX-T\nShortname for the Name, and FQDN for the URL, then TRUST the certificate thumbprint of your NSX-T As a requirement for the pVDC we need a Geneve Transport Zone backed Network Pool\nAs a requirement for the pVDC we need a Geneve Transport Zone backed Network Pool Step 5 - Create Provider VDC backed by vSphere with Tanzu Supervisor Cluster and NSX-T This is continuation from previous articles highlighted Service Provider's tasks below, in the highly available Supervisor multi vSphere zones Lab:Next Service Provider's Tasks: Create a provider VDC backed by a Supervisor Cluster, Publish a Provider VDC Kubernetes Policy to an Organization VDC in VMware Cloud Director, Offers Kubernetes as a Service (CaaS).\nPart V - Create pVDC Tanzu and NSX-T backed\nPart V - Create pVDC Tanzu and NSX-T backed This page merit attention as the Hardware Version can't be downgraded, please refer to your VM Class flavors, be it those included in vSphere or, a Custom VM Class or, NVIDIA VM Class for VCF Private AI\nThis page merit attention as the Hardware Version can\u0026#39;t be downgraded, please refer to your VM Class flavors, be it those included in vSphere or, a Custom VM Class or, NVIDIA VM Class for VCF Private AI TRUST the vCenter Supervisor cetificate thumbprint\nTRUST the vCenter Supervisor cetificate thumbprint Select our VSAN storage policy\nSelect our VSAN storage policy Select an NSX-T manager and Geneve Network pool\nSelect an NSX-T manager and Geneve Network pool Review and click Finish\nReview and click Finish Congrats, you succesfully created a Provider Virtual Data Center backed by Kubernetes, Customer Organizations can opt with this capability along with vGPU or DPU already present for TELCO or AI or anything Cloud Native related.\nCongrats, you succesfully created a Provider Virtual Data Center backed by Kubernetes, Customer Organizations can opt with this capability along with vGPU or DPU already present for TELCO or AI or anything Cloud Native related. Learn more For a more comprehensive approach on how to offer Kubernetes as Service with VMware Cloud Director if you're VMware Partner Cloud Provider or just to be informed from high level view, take a look at the latest Feature Friday on the subject Feature Friday Episode 144 - Kubernetes as a Service with Cloud Director, and Download the Whitepaper: Architecting Kubernetes-as-a-Service Offering with VMware Cloud Director.\nVMware Cloud Director Tutorials videos playlist\n","link":"https://strivevirtually.net/post/tutorial-install-vmware-cloud-director-10.5.1.1-and-create-provider-virtual-data-center-pvdc-backed-by-vsphere-with-tanzu-kubernetes-8.0u2-and-nsx-t-4.1.2/","section":"post","tags":["VCD","Tanzu","NSX-T"],"title":"**Tutorial Install VMware Cloud Director 10.5.1.1 and Create Provider Virtual Data Center (PVDC) Backed by VSphere With Tanzu Kubernetes 8.0u2 and NSX T 4.1.2**"},{"body":"","link":"https://strivevirtually.net/tags/tanzu/","section":"tags","tags":null,"title":"Tanzu"},{"body":"","link":"https://strivevirtually.net/tags/vcd/","section":"tags","tags":null,"title":"VCD"},{"body":"Using AWS: Route53 Domain, added Cloudfront CDN / OAC Origin Access Control, Certificate Manager ACM, and now using S3 private bucket ","link":"https://strivevirtually.net/post/this-website-is-finally-updated-to-https-for-ease-everyone-access/","section":"post","tags":["Blog","Architecture","AWS"],"title":"**Strivevirtually.net Website Is Finally Updated to HTTPS for Ease Everyone Access*"},{"body":"","link":"https://strivevirtually.net/tags/architecture/","section":"tags","tags":null,"title":"Architecture"},{"body":"","link":"https://strivevirtually.net/tags/aws/","section":"tags","tags":null,"title":"AWS"},{"body":"","link":"https://strivevirtually.net/tags/blog/","section":"tags","tags":null,"title":"Blog"},{"body":"Find me Here along all the vEXPERT around the Globe https://vexpert.vmware.com/directory/10999 ","link":"https://strivevirtually.net/post/honored-to-be-part-of-the-vmware-vexpert-community-in-2024-again-/","section":"post","tags":["vEXPERT"],"title":"**Honored to be part of the VMware by Broadcom vEXPERT community in 2024 again !**"},{"body":" Use a single SupervisorVM Next let's go to Workload Management Next Deploy T0 VRF as described in Multi vSphere Zones post and follow here Next head over Namespaces to Create Namespace: tick \u0026quot;Override Supervisor network settings\u0026quot; and select T0 VRF in the dropdown menu Deploy TKC on VRF Namespace First Deploy the Lab using the latest vlan commit HERE Use a single SupervisorVM Editing Workload Control Plane (wcp) file for Lab prupose only without needing support editing does break support.\nWe will change the number of master from 3 to 1, change the disk from \u0026quot;thick\u0026quot; to \u0026quot;thin\u0026quot; and, restart the service.\nssh root@tanzu-vcsa-4 vi /etc/vmware/wcp/wcpsvc.yaml minmasters: 1 maxmasters: 1 controlplane_vm_disk_provisioning: \"thin\" :wq! service-control --restart wcp Next let's go to Workload Management Further editing files in SupervisorVM for Lab prupose only without needing support editing does break support.\nWe will change the number of replica from 3 to 1 and from 2 to 1 for the deployments in the namespaces starting with \u0026quot;vmware-system-\u0026quot; or \u0026quot;kube-system\u0026quot;.\nssh root@tanzu-vcsa-4 /usr/lib/vmware-wcp/decryptK8Pwd.py ssh root@IP kubectl get deployments -A \\# reduce from 3 to 1 replica bash \u0026lt;(kubectl get deployments -A -o json | jq -r '.items[] | select(.metadata.namespace | (startswith(\"vmware-system-\") or contains(\"kube-system\"))) | select(.status.replicas == 3) | \"kubectl scale deployments/\\(.metadata.name) -n \\(.metadata.namespace) --replicas=1\"') \\# reduce from 2 to 1 replica bash \u0026lt;(kubectl get deployments -A -o json | jq -r '.items[] | select(.metadata.namespace | (startswith(\"vmware-system-\") or contains(\"kube-system\"))) | select(.status.replicas == 2) | \"kubectl scale deployments/\\(.metadata.name) -n \\(.metadata.namespace) --replicas=1\"') watch 'kubectl get deployments -A' Since the deployments happen once the bits are downloaded, they appear in the watch and we have to use ctrl+c to come back in the shell and upper arrow the scale down replica command.\nThis little babysit task allow less container running and is desired in LAb with limited resources.\nAt last there is one deployment that need to be edited to comment the anti-affinity\nEditing the deployment with vi editor\nssh root@tanzu-vcsa-4 /usr/lib/vmware-wcp/decryptK8Pwd.py ssh root@IP kubectl get deployments.apps -n vmware-system-registry -o yaml \u003e vmware-registry-controller-manager.yaml vi vmware-registry-controller-manager.yaml Applying the changes from the yaml\nkubectl apply -f vmware-registry-controller-manager.yaml deployment.apps/vmware-registry-controller-manager configured Verify the deployment is ready\nNext Deploy T0 VRF as described in link below and follow here Deploy T0 VRF in Multi vSphere Zones post\nHere we only need following Project variables turned on and can leave VPC variables to 0.\n$deployProjectExternalIPBlocksConfig = 1 $deployProject = 1 Next head over Namespaces to Create Namespace: tick \u0026quot;Override Supervisor network settings\u0026quot; and select T0 VRF in the dropdown menu Namespace configuration: We will add Storage, Users Permissions, VM size (VM Class), Content Libraries (TKRs) and, download CLI Tools.\nFor the sake of simplicity, we will add king kong administrator as well.\nWith VM Class aka (flavor) we will set the size of the VM in our TKC, here i choose \u0026quot;xsmall\u0026quot; 2CPUs 2GB for each VM Master (aka Control Plane) or Worker.\nDownload Kubectl+vSphere plugin, vSphere Docker Credential Helper\nWe will login to Supervisor Control Plane Node Address, then switch to our VRF Namespace context, to apply networkpolicy from a yaml via CLI using kubectl.\nLogin\nkubectl vsphere login --server=172.17.31.130 -u administrator@vsphere.local --insecure-skip-tls-verify KUBECTL_VSPHERE_PASSWORD environment variable is not set. Please enter the password below Password: Logged in successfully. You have access to the following contexts: 172.17.31.130 t0vrf-1683-prj-2-ns1 If the context you wish to use is not in this list, you may need to try logging in again later, or contact your cluster administrator. To change context, use `kubectl config use-context \u0026lt;workload name\u0026gt;` Switch context\nkubectl config use-context t0vrf-1683-prj-2-ns1 Switched to context \"t0vrf-1683-prj-2-ns1\". Apply network policy\nkubectl apply -f enable-all-policy.yaml networkpolicy.networking.k8s.io/allow-all created Content enable-all-policy.yaml\napiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: allow-all spec: podSelector: {} ingress: - {} egress: - {} policyTypes: - Ingress - Egress Verify on vCenter UI - VRF Namespace - Network Tab\nDeploy TKC on VRF Namespace Apply the cluster deployment from yaml\nkubectl apply -f t0vrf-1683-prj2-tkc-v1alpha3.yaml tanzukubernetescluster.run.tanzu.vmware.com/t0vrf-1683-prj2-tkc-v1alpha3 created This k8s configuration yaml come from VMware by Broadcom TechDocs v1alpha3 Example: TKC with Default Storage and Node Volumes\nContent of t0vrf-1683-prj2-tkc-v1alpha3.yaml\napiVersion: run.tanzu.vmware.com/v1alpha3 kind: TanzuKubernetesCluster metadata: name: t0vrf-1683-prj2-tkc-v1alpha3 namespace: t0vrf-1683-prj-2-ns1 spec: topology: controlPlane: replicas: 1 vmClass: best-effort-xsmall storageClass: tanzu-gold-storage-policy tkr: reference: name: v1.25.7---vmware.3-fips.1-tkg.1 nodePools: - name: worker replicas: 1 vmClass: best-effort-xsmall storageClass: tanzu-gold-storage-policy tkr: reference: name: v1.25.7---vmware.3-fips.1-tkg.1 volumes: - name: containerd mountPath: /var/lib/containerd capacity: storage: 5Gi - name: kubelet mountPath: /var/lib/kubelet capacity: storage: 5Gi settings: storage: defaultClass: tanzu-gold-storage-policy network: cni: name: antrea services: cidrBlocks: [\"198.53.100.0/16\"] pods: cidrBlocks: [\"192.0.5.0/16\"] serviceDomain: cluster.local Kubectl get node -o wide - Login Supervisor Control Plane Node address -- VRF NS -- TKC cluster + switch to TKC cluster context\nLogin\nkubectl vsphere login --server=172.17.31.130 -u administrator@vsphere.local --insecure-skip-tls-verify --tanzu-kubernetes-cluster-namespace t0vrf-1683-prj-2-ns1 --tanzu-kubernetes-cluster-name t0vrf-1683-prj2-tkc-v1alpha3 KUBECTL_VSPHERE_PASSWORD environment variable is not set. Please enter the password below Password: Logged in successfully. You have access to the following contexts: 172.17.31.130 t0vrf-1683-prj-2-ns1 t0vrf-1683-prj2-tkc-v1alpha3 If the context you wish to use is not in this list, you may need to try logging in again later, or contact your cluster administrator. To change context, use `kubectl config use-context \u0026lt;workload name\u0026gt;` Switch context\nkubectl config use-context t0vrf-1683-prj2-tkc-v1alpha3 Switched to context \"t0vrf-1683-prj2-tkc-v1alpha3\". Get node\nkubectl get node -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME t0vrf-1683-prj2-tkc-v1alpha3-ch9cz-dw2p9 Ready control-plane 23m v1.25.7+vmware.3-fips.1 10.244.2.18 \u0026lt;none\u0026gt; VMware Photon OS/Linux 4.19.283-3.ph3-esx containerd://1.6.18-1-gdbc99e5b1 t0vrf-1683-prj2-tkc-v1alpha3-worker-d4t44-59cd4bc4bf-vtp94 Ready \u0026lt;none\u0026gt; 14m v1.25.7+vmware.3-fips.1 10.244.2.19 \u0026lt;none\u0026gt; VMware Photon OS/Linux 4.19.283-3.ph3-esx containerd://1.6.18-1-gdbc99e5b1 VMware NSX Network Topology - Supervisor Cluster on T0 - Guest Cluster on T0 VRF\nVMware NSX - 1ESXi 2 TEP x (2 x Edge VM 2TEP) = 8 Tunnels\nVMware NSX - Edge1 Tunnel Endpoint (4 to ESXi + 4 to Edge2 TEP)\nVMware NSX - Host Transport Node - ESXi Details\nVMware vCenter - Outer VCSA Virtual switches - Trunk vswitch (VMTRUNK vlan 4095 + 1731-Network vlan 1731) - vswitch0\nVMware vCenter - Inner VCSA Virtual switches - 2 NSX Switch Tanzu-VDS1 MGMT - Tanzu-VDS2 TEP\nTanzu-VDS1 - Ports\nTanzu-VDS2 - Ports\nVMware vCenter - Distributed Port Groups per VDS\nESXi 28GB takes SupervisorVM + TKC VMs\n","link":"https://strivevirtually.net/post/new-tanzu-using-nsx-t-automated-lab-deployment-with-single-nested-esxi-28gb-minimum-and-workload-enablement-single-supervisorvm-and-single-replica-deployments/","section":"post","tags":["lab","Automation","Tanzu","NSX-T","vlan","vrf","NSX Project","vyos"],"title":"**New Tanzu Using NSX-T Automated Lab Deployment With Single Nested ESXi 28GB Minimum and Workload Enablement Single SupervisorVM and Single Replica Deployments and TKC on T0 VRF backed Namespace**"},{"body":"","link":"https://strivevirtually.net/tags/nsx-project/","section":"tags","tags":null,"title":"NSX Project"},{"body":"","link":"https://strivevirtually.net/tags/vrf/","section":"tags","tags":null,"title":"Vrf"},{"body":"Fork Branch \u0026quot;vlan\u0026quot; https://github.com/abbedsedk/vsphere-with-tanzu-nsxt-automated-lab-deployment/tree/vlan Added 2 NSX Switch (VDS): Tanzu-VDS1 MGMT(+EDGE UPLINK T0 Segment) \u0026quot;North-South\u0026quot; Traffic Tanzu-VDS2 Overlay \u0026quot;East-West\u0026quot; Traffic Ref: 7.4.2.2 Multiple virtual switches as a requirement NSX Reference Design Guide 4-1_v1.5.pdf - Updated Download link May 6, 2024 P.291-293 (Compliance PCI,... separate dedicated infra components, Cloud Provider separate internal and external, Telco Provider NFV standard and enhanced vswitch) Migrate VMKernel0 in VSS to Tanzu-VDS1, Remove old vSwitch0 2 Edge T0 interfaces (1 interface per edge) in Active-Active scaling out up to 10, LoadBalancing \u0026quot;North-South\u0026quot; 2 TEP per ESXi , 2 TEP per EDGE x 2 EDGE = 2 x (2x2) = 8 Tunnels for the bare minimum 1 ESXi and 2 Edges scaling out, LoadBalancing \u0026quot;East-West\u0026quot; Requirements: 3 VLANs, 3 subinterfaces VLAN Gateway on a virtual router(VLAN 1731 MGMT, VLAN 1751 EDGE UPLINK T0, VLAN 301 VTEPs), 2 edges nodes (T0 Active-Active), Trunk Vlan 4095 PortGroup (\u0026quot;VMTRUNK\u0026quot;) and, NestedVM Mgmt Vlan 1731 PortGroup (\u0026quot;1731-Network\u0026quot;) 1 VRF VLAN (1683) in a TRUNK VLAN Range (1683-1687) (of up to 5 T0 VRF in a single Project each with Public IP block), 1 subinterface VLAN Gateway(.168.3.253 on vyos below config), Gateway for the 2 Edge (max 10) T0 VRF interfaces (1 interface per edge) all NSX Edges participating A/A forwarding Virtual Router VM : NIC1 Outer Esxi \u0026quot;VM Network\u0026quot;, NIC2 Outer \u0026quot;VMTRUNK\u0026quot;, Interfaces, Vlans, MTU, Source NAT, DNS Forwarding, NTP, SSH, Static Routes: - Default Route, - Route to Supervisor Namespace (10.244.0.0/23) via T0 Interfaces(A/A) (172.17.51.121,172.17.51.122), - Routes to Supervisor Ingress (172.17.31.128/27)and Egress (172.17.31.160/27) via T1 (10.244.0.1)(A/S) VyOS config inspired from template of VyOS Module for PowerCLI And from William Lam blog post's How to automate... Here. VyOS config vyos@vyos:~$ show configuration commands | strip-private set interfaces ethernet eth0 address 'xxx.xxx.1.253/24' set interfaces ethernet eth0 hw-id 'xx:xx:xx:xx:xx:d9' set interfaces ethernet eth0 ipv6 address no-default-link-local set interfaces ethernet eth1 hw-id 'xx:xx:xx:xx:xx:e3' set interfaces ethernet eth1 ipv6 address no-default-link-local set interfaces ethernet eth1 mtu '1700' set interfaces ethernet eth1 vif 301 address 'xxx.xxx.1.253/24' set interfaces ethernet eth1 vif 301 description 'VLAN 301 for HOST/EDGE VTEP with MTU 1700' set interfaces ethernet eth1 vif 301 ipv6 address no-default-link-local set interfaces ethernet eth1 vif 301 mtu '1700' set interfaces ethernet eth1 vif 1683 address 'xxx.xxx.3.253/24' set interfaces ethernet eth1 vif 1683 description 'VLAN 1683 for EDGE UPLINK T0 VRF' set interfaces ethernet eth1 vif 1683 ipv6 address no-default-link-local set interfaces ethernet eth1 vif 1731 address 'xxx.xxx.31.253/24' set interfaces ethernet eth1 vif 1731 description 'VLAN 1731 for MGMT' set interfaces ethernet eth1 vif 1731 ipv6 address no-default-link-local set interfaces ethernet eth1 vif 1751 address 'xxx.xxx.51.253/24' set interfaces ethernet eth1 vif 1751 description 'VLAN 1751 for EDGE UPLINK T0' set interfaces ethernet eth1 vif 1751 ipv6 address no-default-link-local set nat source rule 1 outbound-interface name 'eth0' set nat source rule 1 source address 'xxx.xxx.31.0/24' set nat source rule 1 translation address 'masquerade' set nat source rule 2 outbound-interface name 'eth0' set nat source rule 2 source address 'xxx.xxx.51.0/24' set nat source rule 2 translation address 'masquerade' set nat source rule 3 outbound-interface name 'eth0' set nat source rule 3 source address 'xxx.xxx.3.0/24' set nat source rule 3 translation address 'masquerade' set protocols static route xxx.xxx.0.0/0 next-hop xxx.xxx.1.253 set protocols static route xxx.xxx.0.0/23 next-hop xxx.xxx.51.121 set protocols static route xxx.xxx.0.0/23 next-hop xxx.xxx.51.122 set protocols static route xxx.xxx.31.128/27 next-hop xxx.xxx.51.121 set protocols static route xxx.xxx.31.128/27 next-hop xxx.xxx.51.122 set protocols static route xxx.xxx.31.160/27 next-hop xxx.xxx.51.121 set protocols static route xxx.xxx.31.160/27 next-hop xxx.xxx.51.122 set service dns forwarding allow-from 'xxx.xxx.0.0/0' set service dns forwarding domain 3.168.192.in-addr.arpa. name-server xxx.xxx.1.100 set service dns forwarding domain 31.17.172.in-addr.arpa. name-server xxx.xxx.1.100 set service dns forwarding domain 51.17.172.in-addr.arpa. name-server xxx.xxx.1.100 set service dns forwarding listen-address 'xxx.xxx.31.253' set service dns forwarding listen-address 'xxx.xxx.51.253' set service dns forwarding listen-address 'xxx.xxx.3.253' set service dns forwarding name-server xxx.xxx.8.8 set service dns forwarding name-server xxx.xxx.1.100 set service ntp allow-client xxxxxx 'xxx.xxx.0.0/0' set service ntp allow-client xxxxxx '::/0' set service ntp listen-address 'xxx.xxx.1.253' set service ntp server xxxxx.tld set service ssh port '22' set system name-server 'xxx.xxx.1.100' set system name-server 'xxx.xxx.8.8' Pictures Multiple vApp Deployment - Pre-Req Rename any tanzu-vcsa-4 vm before redeploying again! Link to Tutorials TKC on vSphere with Tanzu on Nested Lab 28GB of RAM! 2 Nested ESXi nodes with 24GB of RAM for testing prupose, but to allow Tanzu Supervisor Cluster and Tanzu Kubernetes Cluster at least 28GB of memory is needed. See the complete tutorial HERE.\n","link":"https://strivevirtually.net/post/update-contributed-to-script-vsphere-with-tanzu-using-nsx-t-automated-lab-deployment-fork-branch-vlan/","section":"post","tags":["lab","Automation","Tanzu","NSX-T","NSX Project","vlan","vrf","vyos"],"title":"**UPDATE - Contributed to Script - vSphere with Tanzu using NSX-T Automated Lab Deployment - Fork branch vlan**"},{"body":"You can grab it from my master branch fork page Or on real William Lam master repo in PR section Note the PR is not Merged probably because VRF routing is broken in this commit, I will release soon a New \u0026gt; branch fork with vlan and vyos config for the upstream router ","link":"https://strivevirtually.net/post/update---contributed-to-script---vsphere-with-tanzu-using-nsx-t-automated-lab-deployment---scaling-out-nsx-edge-cluster--a-a-mode-doubling-edge-tep-esxi-tep-multiple-deployment/","section":"post","tags":["lab","Automation","Tanzu","NSX-T","NSX Edge TEP","ESXi TEP"],"title":"**UPDATE - Contributed to Script - vSphere with Tanzu using NSX-T Automated Lab Deployment - Scaling out NSX Edge Cluster  A/A mode, doubling Edge TEP, ESXi TEP, Multiple deployment**"},{"body":"","link":"https://strivevirtually.net/tags/esxi-tep/","section":"tags","tags":null,"title":"ESXi TEP"},{"body":"","link":"https://strivevirtually.net/tags/nsx-edge-tep/","section":"tags","tags":null,"title":"NSX Edge TEP"},{"body":"Blog post and diagrams made by William Lam to better grasp the new offerings https://williamlam.com/2024/01/whats-in-the-new-vmware-vsphere-foundation-vvf-and-vmware-cloud-foundation-vcf-offers.html in addition to recently published new VMware by Broadcom KB 95927. ","link":"https://strivevirtually.net/post/whats-in-the-new-vmware-vsphere-foundation-vvf-and-vmware-cloud-foundation-vcf-offers/","section":"post","tags":["VCF","VVF"],"title":"**What's in the New VMware VSphere Foundation (VVF) and VMware Cloud Foundation (VCF) Offers?**"},{"body":"","link":"https://strivevirtually.net/tags/vvf/","section":"tags","tags":null,"title":"VVF"},{"body":"NSX-T Manager cluster should consist of 3 VMs. And as a side note: each VM can be located in its own location in MultiSite (see latest NSX-T Multi-Location Design Guide (Federation + Multisite)) (Updated download links). And in an unforeseen event like power outage or underlying storage issue, there is procedure to detach, to redeploy the VM and join the NSX-T Manager cluster (Replacing a faulty NSX-T manager node in a VCF environment (78967)).\nThat said, in the use cases with limited resources, the NSX-T Manager cluster could consist of only a single VM (see bottom of this article for the documentation reference). And in an unforeseen event like power outage or underlying storage issue, there is no way to join the cluster if it consist of a single VM and that one is corrupt.\nOnly NSX Backup could restore the environment, if it has been setup ! But what if NSX Backup has not been setup yet, what to do ?\nHere i present a simple trick that, i believe, is by no means supported, that might allow us to get our cluster recovered from unrecoverableCorfuError that is occurring when the database CorfuDB of NSX-T find its file corrupted. Symptoms: The NSX UI is stuck with error 101: You have a single node cluster, that is one NSX-T manager and not the recommended three. Cluster status could either show error or down status\nadmin \u0026gt; get cluster status verbose\nAnother example with nested VCF 4 nodes setup and outer datastore disk full\nImpact / Risks Some NSX configurations may get deleted.\nThe trick is 3 simple steps and 1 step to confirm when the NSX-T cluster is stable: stopping CorfuDB server service root ~# systemctl stop corfu-server.service\ndelete/rename the last log root ~# cd /config/corfu/log\nroot ~# ls -lrth\nroot ~# mv /config/corfu/log/77.log /config/corfu/log/77.bak\nstarting CorfuDB server service root ~# systemctl start corfu-server.service\nget the cluster status while waiting to become stable admin \u0026gt; get cluster status\nAfter recovering to a stable cluster we will look at the column \u0026quot;LEASE VERSION\u0026quot; matching the new (clean) log generated using the following command: admin \u0026gt; get cluster status verbose\nAlso there is a VMware by Broadcom Knowledge Base article KB90840 with same UnrecoverableCorfuError due to underlying storage issue on service corfu-nonconfig-server. The service name is corfu-nonconfig-server the log directory is /nonconfig/corfu/corfu/log/ I believe the same trick would work as well.\nNote: First this trick is not 100% reliable or it would be have been acknowledged as workaround, and having to wait lengthy dozen minutes for the cluster to come up stable, we often find it simpler to restart the NSX Manager, what i noticed in this case is a large amount read I/O, certainly caused by the sync happening at the start of the service. In my case theses power outage came as frequently as 2-3 time per month due to bad ram / heavy nesting environment causing BSOD. And finally this point out the importance of setting NSX Backup and testing the Restore ! And the placement of this SFTP backup server, as per the latest VMware® NSX-T Reference Design (Updated download links) : 7.3.4.4 Singleton NSX Manager The resources required to run a cluster of three NSX Managers may represent a challenge in small environments. Starting with NSX version 3.1, VMware supports deploying a single NSX manager in production environments. This minimal deployment model relies on vSphere HA and the backup and restore procedure to maintain an adequate level of high availability. vSphere HA will protect against the failure of the physical host where the NSX manager is running. vSphere HA will restart NSX Manager on a different available host. Enough resources must be available on the surviving hosts; vSphere HA admission control can help ensure they are available in case of failure. Backup and restore procedures help in case of failure of the NSX manager itself. The SFTP server where the backup is stored should not be placed on an infrastructure shared by the single NSX Manager node. Quick dive deep into the CorfuDB history: It is log appending database with fast performance, (think like Kafka), where log consist not only of text but also binary. When i mean fast, i mean CorfuDB can write dozens if not hundreds thousands time per seconds ! Source: https://github.com/CorfuDB/CorfuDB/wiki/White-papers ","link":"https://strivevirtually.net/post/recover-from-nsx-t-unrecoverablecorfuerror-due-to-power-loss-or-storage-issue-in-singleton-nsx-manager-cluster/","section":"post","tags":["Troubleshooting","NSX-T"],"title":"**Recover From NSX T UnrecoverableCorfuError Due to Power Loss or Storage Issue in Singleton NSX Manager Cluster**"},{"body":"","link":"https://strivevirtually.net/tags/troubleshooting/","section":"tags","tags":null,"title":"Troubleshooting"},{"body":"VMTN Flings\nUpdate May 6, 2024 Flings the new links after VMware by Broadcom Day 2 transition Like before we need to login, we have to agree the license agreement, here at the bottom of the page, although Flings always been FREE.\n","link":"https://strivevirtually.net/post/vmware-by-broadcom-flings-continue/","section":"post","tags":["Flings"],"title":"**VMware by Broadcom Flings Continue**"},{"body":"","link":"https://strivevirtually.net/tags/flings/","section":"tags","tags":null,"title":"Flings"},{"body":"By Krish Prasad, Senior Vice President and General Manager, VMware Cloud Foundation Division: VMware by Broadcom business transformation. Also a new chapter on Desktop Hypervisor continue ","link":"https://strivevirtually.net/post/vmware-by-broadcom-dramatically-simplifies-offer-lineup-and-licensing-model/","section":"post","tags":["VCF","VVF","VMware by Broadcom"],"title":"**VMware by Broadcom Dramatically Simplifies Offer Lineup and Licensing Model**"},{"body":"","link":"https://strivevirtually.net/tags/vmware-by-broadcom/","section":"tags","tags":null,"title":"VMware by Broadcom"},{"body":"Hock Tan : President and Chief Executive Officer \u0026quot;Providing best-in-class solutions for our customers, partners and the industry\u0026quot; ","link":"https://strivevirtually.net/post/broadcom-announces-successful-acquisition-of-vmware/","section":"post","tags":["Broadcom","VMware"],"title":"**Broadcom Announces Successful Acquisition of VMware**"},{"body":"","link":"https://strivevirtually.net/tags/broadcom/","section":"tags","tags":null,"title":"Broadcom"},{"body":"","link":"https://strivevirtually.net/tags/vmware/","section":"tags","tags":null,"title":"VMware"},{"body":"Links to videos and direct download links to supporting presentation slides. VMware Explore EMEA 2023 Breakout Session URLs VMware Explore US 2023 Breakout Session URLs ","link":"https://strivevirtually.net/post/vmware-explore-2023-breakout-session-urls/","section":"post","tags":["VMware Explore"],"title":"**VMware Explore 2023 Breakout Session URLs**"},{"body":" VMware by Broadcom TechDocs - VMware-vSphere 8.0 - Workflow for Deploying a Supervisor with NSX Networking In the following section we will do a three-zone Supervisor deployment type.\nDeploy 1st VSAN Cluster (+1h)vSphere with Tanzu using NSX-T Automated Lab same as before Deploy 2nd and 3rd VSAN Clusters (15min each) vSphere with Tanzu using NSX-T Automated Lab Todo after 3 Clusters deployments Deploy NSX T0 VRF and Project and VPC Subnets Segments IP Blocks (3 min) Create Zonal Storage Policy Multi-AZ-Storage-Policy Create 3 zones with the 3 Clusters Workload Control Plane (WCP) Enablement in Workload Management Enablement Begining to Ready Next Enterprise Developper's Tasks: Give a name to a Namespace, Deploy Class-Based or Tanzu Kubernetes Cluster (TKC) and, Deploy a stateful app with Cluster HA. Next Service Provider's Tasks: Create a provider VDC backed by a Supervisor Cluster, Publish a Provider VDC Kubernetes Policy to an Organization VDC in VMware Cloud Director, Offers Kubernetes as a Service (CaaS). Deploy 1st VSAN Cluster (+1h)vSphere with Tanzu using NSX-T Automated Lab same as before With 3 Nested Esxi, if it is a requirement to fit in 128GB Memory box then specify only 1 Esxi hostname ip, this is possible with $hostFailuresToTolerate = 0 Fill the value of these 3 variables\u0026gt;\n$NestedESXiHostnameToIPs = @{...} $NewVCVSANClusterName = \"Workload-Cluster-1\" $vsanDatastoreName = \"vsanDatastore-1\" 1st Cluster Deploy 2nd and 3rd VSAN Clusters (15min each) vSphere with Tanzu using NSX-T Automated Lab Change values of these 3 variables for 2nd and 3rd cluster deployments, Change to fixed value for the $VAppName Change value of already deployed VMs (VCSA, NSXManager, NSXEdge) to 0, Change value in $postDeployNSXConfig from $true to $false for all variables except ($runHealth, $runTransportNodeProfile, $runAddEsxiTransportNode), $NestedESXiHostnameToIPs = @{ $NewVCVSANClusterName = \"Workload-Cluster-2\" $vsanDatastoreName = \"vsanDatastore-2\" $VAppName = \"Nested-vSphere-with-Tanzu-NSX-T-Lab-qnateilb\" # \"Nested-vSphere-with-Tanzu-NSX-T-Lab-$random_string\" # Random string can be used on the first cluster but reuse the $VAppName for 2nd and 3rd cluster deployments. $preCheck = 1 $confirmDeployment = 1 $deployNestedESXiVMs = 1 $deployVCSA = 0 $setupNewVC = 1 $addESXiHostsToVC = 1 $configureVSANDiskGroup = 1 $configureVDS = 1 $clearVSANHealthCheckAlarm = 1 $setupTanzuStoragePolicy = 1 $setupTKGContentLibrary = 1 $deployNSXManager = 0 $deployNSXEdge = 0. $postDeployNSXConfig = 1 $setupTanzu = 1 $moveVMsIntovApp = 1 $deployProjectExternalIPBlocksConfig = 0 $deployProject = 0 $deployVpc = 0 $deployVpcSubnetPublic = 0 $deployVpcSubnetPrivate = 0 if($postDeployNSXConfig -eq 1) { $runHealth=$true $runCEIP=$false $runAddVC=$false $runIPPool=$false $runTransportZone=$false $runUplinkProfile=$false $runTransportNodeProfile=$true $runAddEsxiTransportNode=$true $runAddEdgeTransportNode=$false $runAddEdgeCluster=$false $runNetworkSegment=$false $runT0Gateway=$false $runT0StaticRoute=$false $registervCenterOIDC=$false 2nd Cluster 3rd Cluster NSX View VCENTER View Todo after 3 Clusters deployments Esxi -\u0026gt; Configure -\u0026gt; TCP/IP Configuration -\u0026gt; IPV6 CONFIGURATION -\u0026gt; Disable Esxi -\u0026gt; Configure -\u0026gt; TCP/IP Configuration -\u0026gt; Default -\u0026gt; Edit -\u0026gt; copy 'Search domains' to 'Domain' Esxi -\u0026gt; Configure -\u0026gt; TCP/IP Configuration -\u0026gt; Default -\u0026gt; Edit -\u0026gt; inverse Preferred and Alternate DNS server if needed. (In my case this is part of why Workload Enablement wouldn't come up) SSH Esxi's Reboot via Send to all 'Multitab Putty' and Enter in each Esxi's Tab Snapshot/Export the Outer ESXi VM or the Lab vApp Start the Lab vApp and reset the alarms SSH virtual routeur, i use vyos, configure a static route each Project and VPC Subnet IP/Netmask via $T0GatewayInterfaceAddress (In my case this is the other part of why Workload Enablement wouldn't come up). Deploy NSX T0 VRF and Project and VPC Subnets Segments IP Blocks (3 min) Fill the variables of section: Project ,Public Ip Block, Private Ip Block VPC, Public Subnet, Private Subnet VMware by Broadcom TechDocs - VMware-NSX 4.1 - Add a Subnet in an NSX VPC Self Service Consumption with Virtual Private Clouds Powered by NSX\n(Gotcha: $VpcPublicSubnetIpaddresses must be a subset of $ProjectPUBcidr, and can't use the first or last subnet block size.)\nT0 VRF Gateway Which T0 to use for the Project External connectivity : $T0GatewayName or $T0GatewayVRFName (This option is important as it determine whether the T0 VRF Gateway is created or not.) $ProjectT0 = $T0GatewayVRFName Change values of all variables to 0 and set to 1 ($preCheck , $confirmDeployment , Project's and Vpc's ones). $VAppName = \"Nested-vSphere-with-Tanzu-NSX-T-Lab-qnateilb\" # \"Nested-vSphere-with-Tanzu-NSX-T-Lab-$random_string\" # Random string can be used on the first cluster but reuse the $VAppName for 2nd and 3rd cluster deployments. $preCheck = 1 $confirmDeployment = 1 $deployNestedESXiVMs = 0 $deployVCSA = 0 $setupNewVC = 0 $addESXiHostsToVC = 0 $configureVSANDiskGroup = 0 $configureVDS = 0 $clearVSANHealthCheckAlarm = 0 $setupTanzuStoragePolicy = 0 $setupTKGContentLibrary = 0 $deployNSXManager = 0 $deployNSXEdge = 0 $postDeployNSXConfig = 0 $setupTanzu = 0 $moveVMsIntovApp = 0 $deployProjectExternalIPBlocksConfig = 1 $deployProject = 1 $deployVpc = 1 $deployVpcSubnetPublic = 1 $deployVpcSubnetPrivate = 1 Note: Screenshot the summary before confirming as a reminder of the Subnet IP/Netmask later.\nDeploy VRF, Project, VPC with all associated networking (IpBlocks, Segments, Subnets, NAT, Routing, DHCP) in 3.27 minutes. Florilege of NSX API call from 2 PowerCLI Modules and from straight REST call. NSX Topology T0/VRF - Project - VPC Create Zonal Storage Policy Multi-AZ-Storage-Policy VMware by Broadcom TechDocs - VMware-vSphere 8.0 - Create Storage Policies for vSphere Supervisor\nMulti-AZ/Create-MultiAZ-Storage-Policy-01.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-01.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-02.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-02.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-03.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-03.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-04.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-04.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-05.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-05.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-06.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-06.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-07.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-07.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-08.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-08.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-09.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-09.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-10.png\nMulti-AZ/Create-MultiAZ-Storage-Policy-10.png\nCreate 3 zones with the 3 Clusters VMware by Broadcom TechDocs - VMware-vSphere 8.0 - Deploy a Three-Zone Supervisor with NSX Networking\nWorkload Control Plane (WCP) Enablement in Workload Management Wld-Mgmt/Workload-Management-1.png\nWld-Mgmt/Workload-Management-1.png\nWld-Mgmt/Workload-Management-2.png\nWld-Mgmt/Workload-Management-2.png\nWld-Mgmt/Workload-Management-3.png\nWld-Mgmt/Workload-Management-3.png\nWld-Mgmt/Workload-Management-4.png\nWld-Mgmt/Workload-Management-4.png\nWld-Mgmt/Workload-Management-5.png\nWld-Mgmt/Workload-Management-5.png\nWld-Mgmt/Workload-Management-6.png\nWld-Mgmt/Workload-Management-6.png\nWld-Mgmt/Workload-Management-7.png\nWld-Mgmt/Workload-Management-7.png\nWld-Mgmt/Workload-Management-8.png\nWld-Mgmt/Workload-Management-8.png\nEnablement Begining to Ready Next Developpers Tasks:Give a name to a Namespace, Deploy Class-Based or Tanzu Kubernetes Cluster (TKC) and, Deploy a stateful app with Cluster HA. Here a post on how to deploy TKC with minimal resources\nVMware by Broadcom TechDocs : Provisioning TKG Service Clusters\nNext Service Provider's Tasks: Create a provider VDC backed by a Supervisor Cluster, Publish a Provider VDC Kubernetes Policy to an Organization VDC in VMware Cloud Director, Offers Kubernetes as a Service (CaaS). Here a post on how to Create a provider VDC backed by a Supervisor Cluster in VMware Cloud Director\nVMware by Broadcom TechDocs : Publish a Provider VDC Kubernetes Policy to an Organization VDC in VMware Cloud Director\n","link":"https://strivevirtually.net/post/a-usecase-vsphere-with-tanzu-using-nsx-project-vpc-networks-and-with-multi-k8s-cluster-high-availability-using-vsphere-zones/","section":"post","tags":["VMware Explore","lab","Automation","Tanzu","NSX-T","vrf","NSX Project","NSX VPC","vSphere Zones"],"title":"**A Usecase vSphere With Tanzu Using NSX Project VPC Networks and With Multi K8s Cluster High Availability Using VSphere Zones**"},{"body":"","link":"https://strivevirtually.net/tags/nsx-vpc/","section":"tags","tags":null,"title":"NSX VPC"},{"body":"","link":"https://strivevirtually.net/tags/vsphere-zones/","section":"tags","tags":null,"title":"VSphere Zones"},{"body":"Nov 11, 2023 Update Now merged to William Lam master repo! https://github.com/lamw/vsphere-with-tanzu-nsxt-automated-lab-deployment My Fork with Branch NSX4 github.com/abbedsedk/vsphere-with-tanzu-nsxt-automated-lab-deployment/tree/nsx4 Updated for vSphere 8.0 and NSX 4.1.1 due to API changes since vSphere 7 and NSX 3. Added a few checks to allow reuse of existing objects like vCenter VDS, VDPortGroup, StoragePolicy, Tag and TagCategory, NSX TransportNodeProfile. Added FAQ to create multiple Clusters, and using the same VDS/VDPortGroup, This allow Multi Kubernetes Cluster High-Availability with vSphere Zone and Workload Enablement. Added a few pause in the usecase where we deploy only a new cluster to allow Nested ESXi to boot and fully come online (180s) and before VSAN Diskgroup creation (30s). Added FTT configuration for VSAN allowing 0 redundancy and to use only one node demo lab VSAN Cluster. (This allow the whole Nested MultiAZ Tanzu lab with NSX VRF, Project, VPC, to run on 128GB box and the play by play of this usecase is next.)\n$hostFailuresToTolerate = 0 Added pause to the script to workaround without babysitting for AMD Zen DPDK FastPath capable owner CPU.\n$NSXTEdgeAmdZenPause = 0 Added -DownloadContentOnDemand option in TKG Content Library to prevent the download in advance of 250GB and reduce to a few GB. Added T0 VRF Gateway Automated Creation with Static route like the Parent T0 (Note: an uplink segment '$NetworkSegmentProjectVRF' is connected to parent T0 for connectivity to outside world)\nAdded Project and VPC Automated Creation. ","link":"https://strivevirtually.net/post/update-contributed-to-script-vsphere-with-tanzu-using-nsx-t-automated-lab-deployment-with-nsx-vrf-project-vpc/","section":"post","tags":["VMware Explore","lab","Automation","Tanzu","NSX-T","vrf","NSX Project","NSX VPC","VSAN"],"title":"**UPDATE - Contributed to Script - vSphere with Tanzu using NSX-T Automated Lab Deployment - with NSX VRF, Project, VPC**"},{"body":"Find me Here along all the VMware vExpert around the Globe\nhttps://vexpert.vmware.com/directory/10999\n","link":"https://strivevirtually.net/post/honored-to-be-part-of-the-vmware-vexpert-community-in-2023/","section":"post","tags":["vEXPERT"],"title":"**Honored to be part of the VMware vExpert community in 2023 !**"},{"body":"Automated VMware Cloud Foundation Lab Deployment script PR After the customization of the vm done and CB validation is all green, rerun the script with all option set to 0 execpt\n$preCheck = 1 $confirmDeployment = 1 $exportVMs = 1 The option can be set to run following the deployment or at later time wich is prefered to save a state of the Lab VMs as OVA at later time.\nA FAQ is added to explain how to set option.\nNote that script is coded to export the VMs of the latest vApp deployed by the script that start with the base vApp name Nested-VCF-Lab-\n15 min to stop, export as OVA, and start back the VMs\n","link":"https://strivevirtually.net/post/update---contributed-to-script-automated-vmware-cloud-foundation-lab-deployment---added-export-option-nested-vcf-lab-vms/","section":"post","tags":["lab","Automation","VCF"],"title":"**UPDATE PR Not Merged - Contributed to Script Automated VMware Cloud Foundation Lab Deployment - Added Export Option Nested VCF Lab VMs**"},{"body":"Because i was unable to deploy multiple time i created an issue then a PR that got merged to master repo Automated VMware Cloud Foundation Lab Deployment Credit to LucD from VMTN Updated link ","link":"https://strivevirtually.net/post/update---contributed-to-script-automated-vmware-cloud-foundation-lab-deployment---enable-multiple-deployment-on-the-same-cluster/","section":"post","tags":["lab","Automation","VCF"],"title":"**UPDATE Merged - Contributed to Script Automated VMware Cloud Foundation Lab Deployment - Enable Multiple Deployment on the Same Cluster**"},{"body":"Follow-up on 02/14/2023 previous issue. Found that the root cause to be a nested lab environment use case or CPU-I/O contention on the hosts, occurring on a task towards the end of the bringup called \u0026quot;Configure Base Install Image Repository on SDDC Manager\u0026quot;, that copy VCSA ISO and NSX OVA to an NFS on the 4 Nested ESXi VSAN datastore, that made the CPU to the roof and consequently applications ruuning in the three VMs vCenter, NSX and SDDC manager had kernel stuck at one point or multiple time. Looking deeper into it, i think the subsequent tasks might had issue with kernel stuck vms (i feel there maybe missing pieces to understand it all ...).\nWas monitoring while that contention happened, then made screenshots CPU and I/O usage of 2 SDDC bringup at time of that copy task to illustrate: One VCF Bringup when that whole issue occured with 4 nested ESXi, One VCF Bringup with 1 nested ESXi using FTT=0 trick given by William Lam. Using less vCPUs (8 instead of 4x8) and a faster I/O capable NVMe SSD (PCIe 4.0 instead of 3.0) confirmed without kernel stuck all is well.\nI think that on real gears this should not happen.\n","link":"https://strivevirtually.net/post/comparing-cpu-i-o-usage-during-vcf-sddc-management-bringup-on-4-vs-1-nesed-esxi-node/","section":"post","tags":["VCF","Cloud Builder","SDDC Manager","lab","Nested Esxi","VSAN"],"title":"**Comparing CPU I/O Usage During VCF SDDC Management Bringup on 4 vs 1 Nested ESXi Node**"},{"body":"B.O.M 308€\nUsed AMD Ryzen7 3700X 3,6 GHz 7NM L3 = 32M at 158€ This link is dead\nNetac SSD 2tb M2 NVMe PCIe 4.0 x4 at 150€ This became cheapper!\nOrdered on 02/11/2023 and received 03/03/2023 but was worth the wait, not only did it come from the Official Netac store but on the back it says Quality Check \u0026quot;QC PASS 02/2023\u0026quot;.\nNote you have to have PCIe 4.0 capable motherboard, i choosen mine MSI X570 just for that and the fact that it run my older Ryzen 2700.\nWhat to expect of this speedup i mean from PCIe 3.0 at 2000MB/s to PCIe 4.0 at 7000MB/s sequential read/write throughput, not really that because we all know OSes use mixed read/write random 4KB, nevertheless VCF Nested deploy twice faster in 15 minutes instead of 30 because the bandwidth is twice faster 😀\n","link":"https://strivevirtually.net/post/pcie-4.0-lab-upgrade-amd-ryzen-3700x-and-netac-nv7000/","section":"post","tags":["lab","upgrade"],"title":"**PCIE 4.0 LAB UPGRADE   AMD Ryzen 3700X + Netac NV7000**"},{"body":"","link":"https://strivevirtually.net/tags/upgrade/","section":"tags","tags":null,"title":"Upgrade"},{"body":"VMware Cloud Foundation with a single ESXi host for Workload Domain? williamlam.com.\nThis will give room to play Workload VI Domain in the futur or AVN although AVN require 2 NSX Edges and there is contrainst to run these on separate ESXi host. ","link":"https://strivevirtually.net/post/william-lams-arcticle-vcf-with-a-single-esxi-host-for-workload-management-domain/","section":"post","tags":["lab","Automation","VCF"],"title":"**William Lam's Arcticle VCF With a Single ESXi Host for Workload Management Domain**"},{"body":"Removing NSX CPU/Memory reservations when deploying a VMware Cloud Foundation (VCF) Management or Workload Domain williamlam.com. 03/21/2023 Update I followed the steps but in my case i had some issues with directory returned by ovftool wich needed /${NSX_FILENAME}/ in the path of the commands and as final step to get the modified NSX ova into the overlay part of \u0026quot;/mnt/iso/\u0026quot; known as \u0026quot;/upper/\u0026quot; from \u0026quot;/work/\u0026quot;.\n/mnt/iso/...ova # the bringup is seeing this directory wich is combination of the following 'oldiso' RO + 'upper' RW directories | /root/oldiso/...ova # read only filesystems + /overlay/upper/...ova # read write filesystems /overlay/work/work/...ova # read write filesystems As final step i simply issued a \u0026quot;cp\u0026quot; of the ova from \u0026quot;/work\u0026quot; to \u0026quot;/upper\u0026quot; wich is writable and it was presented in the \u0026quot;/mnt/iso\u0026quot; thus shared these on the page that what has worked for me.\n","link":"https://strivevirtually.net/post/william-lams-arcticle-removing-nsx-cpu-memory-reservations-when-deploying-a-vcf-management-or-workload-domain/","section":"post","tags":["lab","Automation","VCF","Cloud Builder","NSX-T"],"title":"**William Lam's Arcticle Removing NSX CPU Memory Reservations When Deploying a VCF Management or Workload Domain**"},{"body":"First the ovas import wizard don't need to be filled as the default are already set for our environment when used the Export option from VCF Lab script Export option - Vyos One thing to do on the vyos console is to remove occurence of old mac address \u0026quot;hw-id\u0026quot; and any new interfaces in the config.boot file using (note: you can change the keyboard layout in the console with sudo loadkeys fr replace the country code)\nvi /config/config.boot dd # command to delete line then save it with \":\" \"wq!\" configure load /config/config.boot save exit reboot note: you got to learn where US QWERTY keymap are if you have AZERTY keyboard or be sure to load your regional keymap with \u0026quot;sudo loadkeys fr\u0026quot; (\u0026quot;fr\u0026quot; for french keymap)\n- nested ESXi and check NTP One thing to do on all nested ESXi VM uppon import as well is to:\nSSH into each of them to remount permanently the OS volume with this one liner for example Using Multi Tabbed Putty mtputty\nSSH all 4 nestedesxi tick send to all UUID=$( esxcfg-volume -l | grep UUID | cut -b 17-52 ); esxcfg-volume -M $UUID hit ENTER SSH cb tick send to all Recheck NTP ntpq -p hit ENTER At this point not all Esxi had NTP running or even setup or sitting in INIT state.\nConfigure NTP server on nested ESXi We're tempted to edit ntp.conf but there is a comment that tell not to\n[root@vcf-m01-esx02:~] cat /etc/ntp.conf `# Do not edit this file, config store overwites it So how do we it:\nTroubleshooting NTP on ESX and ESXi 6.x / 7.x / 8.x (KB 1005092)\nfor builds 7.0.3 onwards this KB explain how to add \u0026quot;tos maxdist 15\u0026quot; setting\nSo we can use this same method to configure the server setting\n/etc/init.d/ntpd restart NTPold=\"`cat /etc/ntp.conf | grep server`\" NTPprefered=\"server 0.pool.ntp.org\" cp /etc/ntp.conf /etc/ntp.conf.bak -f \u0026\u0026 sed -i 's/'\"$NTPold\"'/'\"$NTPprefered\"'/' /etc/ntp.conf.bak \u0026\u0026 esxcli system ntp set -f /etc/ntp.conf.bak cp /etc/ntp.conf /etc/ntp.conf.bak -f \u0026\u0026 echo \"tos maxdist 15\" \u003e\u003e /etc/ntp.conf.bak \u0026\u0026 esxcli system ntp set -f /etc/ntp.conf.bak esxcli system ntp set -e 0 \u0026\u0026 esxcli system ntp set -e 1 /etc/init.d/ntpd restart ntpq -p NTP service auto start is not working in ESXi 7.0 (KB 80189)\nchkconfig --list ntpd\tchkconfig ntpd on\treboot That's it, you're set for success! Remember before you begin the bringup to shutdown all VMs to snapshots them all, just to be safe!\n","link":"https://strivevirtually.net/post/importing-vms-vyos-and-nested-esxi-checking-and-configuring-ntp/","section":"post","tags":["lab","nested esxi","ntp","vyos"],"title":"**Importing VMs Vyos and Nested ESXi, Checking and Configuring NTP**"},{"body":"Similar to 02/08/2023 previous issue 1) NSXT MANAGER root admin audit account Just as in the post before click on the 3 dots and REMEDIATE using same password used in the deployment script. 2) ESXI service accounts Steps to recover expired Service Accounts in VMware Cloud Foundation (KB 83615)\nSSH into each of the 4 Nested ESXi For vcf-m01-esx01\n1[root@vcf-m01-esx01:~] passwd svc-vcf-vcf-m01-esx01 2[root@vcf-m01-esx01:~] Changing password for svc-vcf-vcf-m01-esx01 3[root@vcf-m01-esx01:~] Enter new password:\t4[root@vcf-m01-esx01:~] Re-type new password: 5[root@vcf-m01-esx01:~] passwd: password updated successfully Repeat for each Nested ESXi\n(note i didn't do the reset failed login part)\nSDDC Manager ESXI svc accounts -\u0026gt; 3dots REMEDIATE with this newly created password 3) PSC - KB: Password rotation for administrator@vsphere.local causes issues when multiple VMware Cloud Foundation instances share a single SSO domain (KB 85485) We must be logged with an another SSO user with ADMIN role to be able to click REMEDIATE on PSC administrator@vsphere.local I think a proper SSO ADMIN user like vcf-secure-user@vsphere.local illustrated in the KB is the way to go on production.\nIn my case since it was a lab i found an SSO account, so i promoted it to admin role.\nDisclamer: i do not know if that is the supported even thought: from the remediate password window we learn that service acount will be rotate after the remediate, we can remove admin role from this service account.\nUsing a) SDDC manager UI or b) vCenter UI, it's easly done instead of API\na) SDDC manager UI as administrator@vsphere.local -\u0026gt; Single Sign On -\u0026gt; +USERS AND GROUPS -\u0026gt; Search User: svc Refine search by: Single User, Domain: vsphere.local Select the user svc-vcf-m01-nsx01-vcf-m01-vc01 -\u0026gt; Choose Role: ADMIN (note this can also be done from vCenter see below), then click ADD. b) vCenter UI as administrator@vsphere.local -\u0026gt; Licensing -\u0026gt; Single Sign On -\u0026gt; Users and Groups -\u0026gt; Users -\u0026gt; Domain: vsphere.local, Find: svc Select the user svc-vcf-m01-nsx01-vcf-m01-vc01 -\u0026gt; Choose Role: Administrator , then click OK. EDIT: Password, Confirm Password, then click SAVE. c) SDDC manager UI login as svc-vcf-m01-nsx01-vcf-m01-vc01@vsphere.local -\u0026gt; Security -\u0026gt; Password Management -\u0026gt; PSC -\u0026gt; administrator@vsphere.local -\u0026gt; REMEDIATE again using the same original password d) logout e) optionally redo a) but select the 3dots and remove the admin role on this service SSO user. Update When we mouse hover ⓘ there is a bubble informing us that sync should be happening no more than 24h.\nSo mine fall in expected result because i didn't give a chance after the deployment to sync and refresh, less than 24h.\nLesson learned, if this happening again i will wait 24h before taking action.\nRelated this with someone experiencing similar effect on VMTN (Updated link) VCF 4.5.0 reporting accounts disconnected.\n","link":"https://strivevirtually.net/post/sddc-mananger-8-accounts-disconnected/","section":"post","tags":["lab","vcf","cloud builder","sddc manager"],"title":"**SDDC Mananger 8 Accounts Disconnected**"},{"body":"PR\nAllow additional NSX-T Edge nodes #32 Now merged\nWilliam vSphere with Tanzu using NSX-T Automated Lab Deployment Note: the script still use ha mode \u0026quot;ACTIVE_STANDBY\u0026quot; and edge uplink profile policy \u0026quot;FAILOVER_ORDER\u0026quot;, but we can deploy more one edge in the same edge cluster with this PR.\n","link":"https://strivevirtually.net/post/update---contributed-to-script---vsphere-with-tanzu-using-nsx-t-automated-lab-deployment---to-allow-additional-nsx-t-edge-nodes./","section":"post","tags":["lab","Automation","Tanzu","NSX-T"],"title":"**UPDATE Merged - Contributed to Script vSphere With Tanzu Using NSX-T Automated Lab Deployment - to Allow Additional NSX-T Edge Nodes**"},{"body":"After a complete VCF Management deployment, at first logon SDDC Manager show alert Account Disconnected NSXT MANAGER The trick here is to understand, the text \u0026quot;Specify the password that was set manually on the component\u0026quot;, that means the same password we set on the deployment script, more than the misleading warning. ","link":"https://strivevirtually.net/post/sddc-manager-account-disconnected-nsxt-manager/","section":"post","tags":["lab","vcf","cloud builder","sddc manager"],"title":"**SDDC Manager Account Disconnected NSXT MANAGER**"},{"body":"Troubleshooting Cloud Builder issue with minimal lab memory. Clicking on NSX Install Fail.. we see that the ESXi host is lacking memory. This 2nd Esxi Node happened to be one hosting the NSX VM but it had more than 13GB of free memory. We can work around this issue by live migrating the NSX vm to the 3rd ESXi node, and then hit the Resolve Button. We see an unknown node status, but from KB 94377 we learn that is health check issue. Next install of the HA agent onto this exact same 3rd ESXi Node fail. I was thinking of doing the same trick with live Migration of NSX but not possible, then i shutdown NSX and migrated it to ESXi 4th node. But then it wouldn't power on. Needing an extra ~200MB. Looking at the 4th ESXi node there was plenty of memory apparently 28.7GB. At that point i was curious, from vCenter enabled SSH service since it's stopped during bringup, to have a look at the available Reservation memory for the user namespace using this command found on VMTN:\n1memstats -r group-stats -g0 -l2 -s gid:name:parGid:nChild:min:max:conResv:availResv:memSize -u mb 2\u0026gt; /dev/null | sed -n \u0026#39;/^-\\+/,/.*\\n/p\u0026#39; I figured out that if NSX need 16384MB of reservation when here we see 16372MB reservation available + 178 MB overhead, 16384-16372+178=200MB that would explain why vCenter admission failure wouldn't let NSX vm power on.\nThe solution is easy, just bump the ESXi memory a bit more, at that time i was testing 42GB, so redone the lab with 46GB and it worked flawlessly on these tasks.\nPR Solution now merged to master repo in https://github.com/lamw/vcf-automated-lab-deployment. Stay tunned for the next series of issues/solutions (VMCA, SSH Key Rotate, account disconnected from SSDC Manager).\n","link":"https://strivevirtually.net/post/update---contributed-to-script-automated-vmware-cloud-foundation-lab-deployment---esxi-needed-at-least-46gb-for-vcf-cloud-builder-bringup/","section":"post","tags":["lab","Automation","VCF","Cloud Builder","NSX-t","VCENTER","ESXI"],"title":"**UPDATE Merged - Contributed to Script Automated VMware Cloud Foundation Lab Deployment - ESXi needed at least 46GB for VCF Cloud Builder Bringup**"},{"body":"If you do know how to connect the VirtualInfrastrure then that can be done in one liner powershell to export the VApp:\nGet-VM -Name vcf-m01-* | Export-VApp -Destination \"D:\\VM\\Nested\\Vapp\\\" -Force -Format Ova | Out-Null If you don't, i'll soon make a PR to William Lam's script to add ExportVM option (Just leave option $exportVMs = 0, for the deployment)\nUpdate 04/01/2023 PR Done https://github.com/lamw/vcf-automated-lab-deployment/pull/8 Customization pre export: Use multi tabbed SSH client, on Windows MTPuTTY is free. For Cloud Builder vm ssh to it and extend this two timeout:\nsed -i 's/ovf.deployment.timeout.period.in.minutes=40/ovf.deployment.timeout.period.in.minutes=180/' /opt/vmware/bringup/webapps/bringup-app/conf/application.properties sed -i -e's/nsxt.disable.certificate.validation=true/nsxt.disable.certificate.validation=true\\nnsxt.manager.wait.minutes=180/' /opt/vmware/bringup/webapps/bringup-app/conf/application.properties systemctl restart vcf-bringup systemctl status vcf-bringup Note: the second timeout \u0026quot;nsxt.manager.wait.minutes\u0026quot; is shown in vcf-bringup-debug.log in milliseconds and converting it from 1 200 000 ms, it is 20 minutes and this is part of why the installation of NSX bits is interrupted, the other reason is a lack of memory on ESXi wich have been fixed in the script to be 46GB.\nAfter the customization of the vm done and CB validation is all green, rerun the script with all option set to 0 execpt\n$preCheck = 1 $confirmDeployment = 1 $exportVMs = 1 Export the Virtual router's VMs Additionally export also your virtual router(s), in my case it is a csr1000v, supposedly there are deployed with name convention csr-*\nGet-VM -Name csr-* | Export-VApp -Destination \"D:\\VM\\Nested\\Vapp\\\" -Force -Format Ova | Out-Null If your virtual router(s) is/are Vyos, supposedly there are deployed with name convention vyos-*\nGet-VM -Name vyos-* | Export-VApp -Destination \"D:\\VM\\Nested\\Vapp\\\" -Force -Format Ova | Out-Null ","link":"https://strivevirtually.net/post/update-export-the-nested-vcf-lab-vms/","section":"post","tags":["lab","Automation","nested esxi","vyos"],"title":"**UPDATE - Export the Nested VCF Lab VMs**"},{"body":"Just asked for it few days ago here, then shared some of these tips on William Lam website and on the same day, (would you believe it ?) a PR and a merge make it happen ! The virtualization community is fast 😀.\nAutomated VMware Cloud Foundation Lab Deployment This version include fix for step 1,3,4 (need to follow the KB i choose option 2 patch with winscp or integrate it in the ova),5,7 from my previous post VCF V4.5 Lab. ","link":"https://strivevirtually.net/post/update---good-news---script-automated-vmware-cloud-foundation-lab-deployment---new-version-already-here-/","section":"post","tags":["lab","Automation","VCF","Cloud Builder","NSX-t","VCENTER","ESXI"],"title":"**UPDATE - Good News - script Automated VMware Cloud Foundation Lab Deployment - new version already here !**"},{"body":" Via Ferrata NorthFace VicDessos France strivevirtually.net Abbed Sedkaoui About me : I am Abbed Sedkaoui, worked on VMware virtualization, since GSX and ESX 3, and before that on Virtual Server and VirtualPC from Connectix who also first made Virtual Game Station (VGS a PSX that holded in a floppy disk 1.41MB) back in 1998, all the way up to today latest VCF VMware Cloud Foundation infrastructure VMware Cloud SDDC is based on.\nIn my views \"it\" (the Cloud) all started since 2008 with the advent of AMD \"Nested Pages\" and then 2009 Intel \"Extended Pages Tables\" in their processor became the trends for alot of networking devices: for Router i think VRF (Virtual Routing and Forwarding), for Firewall (Context), for Switch (VSI Virtual Switching Instance).\nAnd Hopefully for us labbers we get since then the ability to deploy End2End all virtualized infrastructure :) Following William Lam since around that times. Fast forward 2023 successfully deploying VCF, i am certified VCP-VMC VCP-VCF Administrator. As of May 6, 2024 Good News, All VMware by Broadcom Certification Exams are Requirement FREE (which means no paid course only the exams fee of 250$).\nAs of 2025 50% off VCP exam with VMUG Advantage Membership and also free as vExpert we get free VMUG Advantage Membership so all in place if you want dive into VMware starting blogging right now and apply for vExpert from 15th December to 15th January every extended to 2th February this Year, an appeal is possible and a second half Year vExpert application will again give you the chance to be part of this wonderful community.\nStarting 2026 with exciting VCF 9 Betas or AI vExpert Subprogram scheduled.\nProudly part of VMware vExpert community since 2023 for my \"significant contributions to the VMware virtualization and cloud community\" as stated by the former CEO in the certificate. About this site : i'll share what worked for me when facing issues and \"the problem solving critical thinking mindset\" (i know.. its a mouthful :) used to document root cause analysis.\nPlease don't mind the rusticness of this site as i literally created this from scratch on AWS in a few hours.\nTransitioned from a One-Page single index.HTML file on AWS S3 with Route53,\n(recently i added ACM HTTPS certificate and Cloudfront CDN), to Hugo: an open source static site generator with theme \"hugo-clarity\" based on VMware by Broadcom Clarity Design System and theme \"hugo-photoswipe5-gallery\" to swipe easily pictures on mobile phone.\nFeel free to flip back and forth the Night color theme switch in the top right corner whenever you like, and make use of the search bar, and the categories or tags or series, and the to-top button, all of which may ease your browsing experience. There's an RSS feeds if you want to subscribe in the top right corner. And you'll find my Github - Twitter - Linkedin contacts as well. (Note at the attention of HR in France,Toulouse i'm still unemployed, feel free to get in touch.) Clicking on top center STRIVEVIRTUALLY will bring you to home. For the logo i used this site to generate it.\nEasy stuff!\nCheers,\n","link":"https://strivevirtually.net/about/","section":"","tags":null,"title":"About"},{"body":"Everything run virtually in a single box PHYSICAL LAB B.O.M 900€ (GPU \u0026amp; HDD not counted) RYZEN 2700 BOX (230€) officially support 64GB but it takes 128GB DDR4 Patriot 4 x 32GB at (100€) each with few BSOD MEMORY MANAGEMENT MOTHERBOARD MSI X570 (170€) 1TB SSD NVMe M.2 Micron P1 (100€) (100GB for OS and 831GB for LAB that became full! I got a story) Virtual Machines supporting Double Nested for VCF Lab running on VMware Workstation VM DC+DNS+iSCSI+NFS 2vCPUs 2GB\nVM HOST-ESXI+VCSA 16vCPUs 104GB\nConfiguration For Router specifically\n1 adapter not tagged for management\n8 adapter trunk port group vlan 4095 (coming from windows VMware Workstation VMNet adapter Configuration Jumbo + vlan 4095 + all IP protocols unchecked) 7 configured sub-interface dot1q tag corresponding to VLAN desired for the bringup 1 configured as trunk For Nested ESXi specifically\n4 adapter on trunk port group VMware Cloud Builder Validation errors -\u0026gt; solutions After deployment Automated VMware Cloud Foundation Lab Deployment\nOpen Outer vCenter change the 1st disk from 12GB to 32GB in Nested ESXi VMs or Cloud builder fail \u0026quot;VSAN_MIN_BOOT_DISKS.error\u0026quot;. Change the 3rd (Vsan Capacity) disk from 60GB to more than 150GB if the Nested ESXi are Nested themselves in an ESXi VM !! (I go into the inception movie running the Outer ESXi in a VM on windows VMware Workstation. The advantage to snapshot the whole thing is significantly appreciated especially for the VCF bringup but the slowness less appreciated.) Regarding speed I’m looking forward trying PCIe 4.0 NVME Once I upgrade my CPU 3700X to speedup some tasks of the bringup and avoid some CPU issues related (windows BSOD). Change all four passwords of SddcManager with ones as strong as the NSX ones I got “Gateway IP Management not contactable” -\u0026gt; patch it with KB 89990 found in (VCF 4.5 release notes) Failed VSAN Diskgroup -\u0026gt; esxcli system settings advanced set -o /VSAN/FakeSCSIReservations -i 1 on the Outer ESXi. For DUP esxcli system settings advanced set -o /Net/ReversePathFwdCheckPromisc -i 1 Instead of DHCP, use IP Pool VMware Cloud Foundation API Reference Guide SDDC look for \u0026quot;ESXi Host Overlay TEP IP Pool\u0026quot; Use a router IP as NTP for VCF but configure on the router a reliable stratum external NTP server After Validation All green, Before launching the bringup Modify some CloudBuilder timeout: 1vim /opt/vmware/bringup/webapps/bringup-app/conf/application.properties 2sed -i \u0026#39;s/ovf.deployment.timeout.period.in.minutes=40/ovf.deployment.timeout.period.in.minutes=180/\u0026#39; /opt/vmware/bringup/webapps/bringup-app/conf/application.properties 3sed -i -e\u0026#39;s/nsxt.disable.certificate.validation=true/nsxt.disable.certificate.validation=true\\nnsxt.manager.wait.minutes=180/\u0026#39; /opt/vmware/bringup/webapps/bringup-app/conf/application.properties 4echo \u0026#34;bringup.mgmt.cluster.minimum.size=1\u0026#34; \u0026gt;\u0026gt; /etc/vmware/vcf/bringup/application.properties 5systemctl restart vcf-bringup 6watch \u0026#34;systemctl status vcf-bringup\u0026#34; 7tail -f /opt/vmware/bringup/logs/vcf-bringup-debug.log Disable Automatic DRS of VC NSX and SDDC Manager after each deployment in the Inner Vcenter or else VSAN will rebalance those critical VM during the others being deployed : Cluster -\u0026gt; Configure -\u0026gt; VM Overrides -\u0026gt; Automatic DRS -\u0026gt; Disabled or Manual vcf-m01-vc01 vcf-m01-nsx01a vcf-m01-sddcm01 Knowing these issues beforehand allow to modify the OVAs and scripts before deploying for Nested ESXi and Cloud Builder, until a new version come up.\n","link":"https://strivevirtually.net/post/vcf-v4.5-lab/","section":"post","tags":["lab","Automation","VCF","Cloud Builder","NSX-t","VCENTER","ESXI"],"title":"**VCF V4.5 Lab**"},{"body":"This issue arise due to slow NFS access and lack of cpu for the initial primary cell boot. Encountered in version 10.4\nLong story short, issue this command to relax the timeout of NFS access: sed -i s/10s/60s/ /opt/vmware/appliance/bin/appliance-sync.sh\nand bump up the vCPUs from 2 to 4.\nThe best way to avoid tinkering the appliance scripts file is to give it at least 4 vCPUs before deploying, as there is an hard coded value of 8 CPUs, i detemined that 4 is sufficient based on top utility showing 400% cpu usage, meaning 4 x 100% x 1 CPU core.\nI had previously answered to this issue in VMware Technology Network (now Broadcom Community VMware Cloud Foundation / vcloud) which were found helpful. https://community.broadcom.com/vmware-cloud-foundation/discussion/configure-vcd-script-failed-to-complete\n","link":"https://strivevirtually.net/post/deploying-cloud-director-10.4-in-small-form-factor-the-troubleshoot/","section":"post","tags":["VCD"],"title":"**Deploying Cloud Director 10.4 in Small Form Factor the Troubleshoot**"},{"body":"","link":"https://strivevirtually.net/archives/","section":"","tags":null,"title":""},{"body":"","link":"https://strivevirtually.net/series/","section":"series","tags":null,"title":"Series"}]